Amazon GuardDuty
amazonaws · Cloud
Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following data sources: VPC flow logs, Amazon Web Services CloudTrail management event logs, CloudTrail S3 data event logs, EKS audit logs, DNS logs, and Amazon EBS volume data. It uses threat intelligence feeds, such as lists of malicious IPs and domains, and machine learning to identify unexpected, potentially unauthorized, and malicious activity within your Amazon Web Services environment. This can
Authentication
Sample Requests
Lists detectorIds of all the existing Amazon GuardDuty detector resources.
Hover any highlighted part to learn what it does
curl -X GET "https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/detector?NextToken=example&nextToken=example&MaxResults=example&maxResults=1"
import requests
params = {
"NextToken": "example",
"nextToken": "example",
"MaxResults": "example",
"maxResults": "1"
}
response = requests.get(
"https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/detector",
params=params,
)
print(response.json())const url = new URL('https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/detector');
url.searchParams.set('NextToken', 'example');
url.searchParams.set('nextToken', 'example');
url.searchParams.set('MaxResults', 'example');
url.searchParams.set('maxResults', '1');
const response = await fetch(url);
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
"net/url"
)
func main() {
baseURL, _ := url.Parse("https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/detector")
q := baseURL.Query()
q.Set("NextToken", "example")
q.Set("nextToken", "example")
q.Set("MaxResults", "example")
q.Set("maxResults", "1")
baseURL.RawQuery = q.Encode()
targetURL := baseURL.String()
req, _ := http.NewRequest("GET", targetURL, nil)
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/detector")
uri.query = URI.encode_www_form({
"NextToken" => "example",
"nextToken" => "example",
"MaxResults" => "example",
"maxResults" => "1"
})
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Get.new(uri)
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/detector?" . http_build_query([
"NextToken" => "example",
"nextToken" => "example",
"MaxResults" => "example",
"maxResults" => "1"
]);
$opts = ["http" => [
"method" => "GET",
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));Lists all GuardDuty membership invitations that were sent to the current Amazon Web Services account.
Hover any highlighted part to learn what it does
curl -X GET "https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/invitation?NextToken=example&nextToken=example&MaxResults=example&maxResults=1"
import requests
params = {
"NextToken": "example",
"nextToken": "example",
"MaxResults": "example",
"maxResults": "1"
}
response = requests.get(
"https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/invitation",
params=params,
)
print(response.json())const url = new URL('https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/invitation');
url.searchParams.set('NextToken', 'example');
url.searchParams.set('nextToken', 'example');
url.searchParams.set('MaxResults', 'example');
url.searchParams.set('maxResults', '1');
const response = await fetch(url);
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
"net/url"
)
func main() {
baseURL, _ := url.Parse("https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/invitation")
q := baseURL.Query()
q.Set("NextToken", "example")
q.Set("nextToken", "example")
q.Set("MaxResults", "example")
q.Set("maxResults", "1")
baseURL.RawQuery = q.Encode()
targetURL := baseURL.String()
req, _ := http.NewRequest("GET", targetURL, nil)
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/invitation")
uri.query = URI.encode_www_form({
"NextToken" => "example",
"nextToken" => "example",
"MaxResults" => "example",
"maxResults" => "1"
})
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Get.new(uri)
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/invitation?" . http_build_query([
"NextToken" => "example",
"nextToken" => "example",
"MaxResults" => "example",
"maxResults" => "1"
]);
$opts = ["http" => [
"method" => "GET",
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));Lists the accounts configured as GuardDuty delegated administrators.
Hover any highlighted part to learn what it does
curl -X GET "https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/admin?NextToken=example&nextToken=example&MaxResults=example&maxResults=1"
import requests
params = {
"NextToken": "example",
"nextToken": "example",
"MaxResults": "example",
"maxResults": "1"
}
response = requests.get(
"https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/admin",
params=params,
)
print(response.json())const url = new URL('https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/admin');
url.searchParams.set('NextToken', 'example');
url.searchParams.set('nextToken', 'example');
url.searchParams.set('MaxResults', 'example');
url.searchParams.set('maxResults', '1');
const response = await fetch(url);
const data = await response.json();
console.log(data);package main
import (
"fmt"
"io"
"net/http"
"net/url"
)
func main() {
baseURL, _ := url.Parse("https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/admin")
q := baseURL.Query()
q.Set("NextToken", "example")
q.Set("nextToken", "example")
q.Set("MaxResults", "example")
q.Set("maxResults", "1")
baseURL.RawQuery = q.Encode()
targetURL := baseURL.String()
req, _ := http.NewRequest("GET", targetURL, nil)
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require "net/http"
require "json"
uri = URI("https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/admin")
uri.query = URI.encode_www_form({
"NextToken" => "example",
"nextToken" => "example",
"MaxResults" => "example",
"maxResults" => "1"
})
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"
req = Net::HTTP::Get.new(uri)
res = http.request(req)
puts JSON.parse(res.body)<?php
$url = "https://api.apis.guru/v2/specs/amazonaws.com/guardduty/2017-11-28/admin?" . http_build_query([
"NextToken" => "example",
"nextToken" => "example",
"MaxResults" => "example",
"maxResults" => "1"
]);
$opts = ["http" => [
"method" => "GET",
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));Postman Setup Guide
- See official documentation for authentication and setup.
What can you build with Amazon GuardDuty?
Amazon GuardDuty is a Cloud API. Developers commonly use cloud APIs for:
- provisioning and managing cloud infrastructure
- automating deployments and container orchestration
- monitoring uptime and performance metrics
- managing storage buckets and databases
- setting up auto-scaling and load balancing
No authentication required. This API is open — no signup or key needed. Ideal for quick prototypes and public-facing features. Amazon GuardDuty is free to use, making it a low-risk choice to experiment with.
New to APIs? Read our beginner's guide · Learn about API keys · What is REST?