Amazon GuardDuty Skill
amazonaws-com-guardduty
Endpoints
| Method | Path | Description |
|---|---|---|
POST | /detector/{detectorId}/administrator | |
POST | /detector/{detectorId}/master | Accepts the invitation to be a member account and get monitored by a GuardDuty administrator account that sent the invitation. |
POST | /detector/{detectorId}/findings/archive | Accepts the invitation to be monitored by a GuardDuty administrator account. |
POST | /detector | Archives GuardDuty findings that are specified by the list of finding IDs. Only the administrator account can archive findings. Member accounts don't have permission to archive fi... |
POST | /detector/{detectorId}/filter | Creates a single GuardDuty detector. A detector is a resource that represents the GuardDuty service. To start using GuardDuty, you must create a detector in each Region where you... |
POST | /detector/{detectorId}/ipset | Creates a filter using the specified finding criteria. The maximum number of saved filters per Amazon Web Services account per Region is 100. For more information, see Quotas for... |
POST | /malware-protection-plan | Creates a new IPSet, which is called a trusted IP list in the console user interface. An IPSet is a list of IP addresses that are trusted for secure communication with Amazon Web... |
POST | /detector/{detectorId}/member | Creates a new Malware Protection plan for the protected resource. When you create a Malware Protection plan, the Amazon Web Services service terms for GuardDuty Malware Protection... |
POST | /detector/{detectorId}/publishingDestination | Creates member accounts of the current Amazon Web Services account by specifying a list of Amazon Web Services account IDs. This step is a prerequisite for managing the associated... |
POST | /detector/{detectorId}/findings/create | Creates a publishing destination to export findings to. The resource to export findings to must exist before you use this operation. |
POST | /detector/{detectorId}/threatintelset | Generates sample findings of types specified by the list of finding types. If 'NULL' is specified for findingTypes, the API generates sample findings of all supported finding type... |
POST | /invitation/decline | Creates a new ThreatIntelSet. ThreatIntelSets consist of known malicious IP addresses. GuardDuty generates findings based on ThreatIntelSets. Only users of the administrator accou... |
DELETE | /detector/{detectorId} | Declines invitations sent to the current member account by Amazon Web Services accounts specified by their account IDs. |
DELETE | /detector/{detectorId}/filter/{filterName} | Deletes an Amazon GuardDuty detector that is specified by the detector ID. |
DELETE | /detector/{detectorId}/ipset/{ipSetId} | Deletes the filter specified by the filter name. |
POST | /invitation/delete | Deletes the IPSet specified by the ipSetId. IPSets are called trusted IP lists in the console user interface. |
DELETE | /malware-protection-plan/{malwareProtectionPlanId} | Deletes invitations sent to the current member account by Amazon Web Services accounts specified by their account IDs. |
POST | /detector/{detectorId}/member/delete | Deletes the Malware Protection plan ID associated with the Malware Protection plan resource. Use this API only when you no longer want to protect the resource associated with this... |
DELETE | /detector/{detectorId}/publishingDestination/{destinationId} | Deletes GuardDuty member accounts (to the current GuardDuty administrator account) specified by the account IDs. With autoEnableOrganizationMembers configuration for your organiza... |
DELETE | /detector/{detectorId}/threatintelset/{threatIntelSetId} | Deletes the publishing definition with the specified destinationId. |
POST | /detector/{detectorId}/malware-scans | Deletes the ThreatIntelSet specified by the ThreatIntelSet ID. |
GET | /detector/{detectorId}/admin | Returns a list of malware scans. Each member account can view the malware scans for their own accounts. An administrator can view the malware scans for all the member accounts. Th... |
GET | /detector/{detectorId}/publishingDestination/{destinationId} | Returns information about the account selected as the delegated administrator for GuardDuty. There might be regional differences because some data sources might not be available i... |
POST | /admin/disable | Returns information about the publishing destination specified by the provided destinationId. |
POST | /detector/{detectorId}/administrator/disassociate | Removes the existing GuardDuty delegated administrator of the organization. Only the organization's management account can run this API operation. |
POST | /detector/{detectorId}/master/disassociate | Disassociates the current GuardDuty member account from its administrator account. When you disassociate an invited member from a GuardDuty delegated administrator, the member acc... |
POST | /detector/{detectorId}/member/disassociate | Disassociates the current GuardDuty member account from its administrator account. When you disassociate an invited member from a GuardDuty delegated administrator, the member acc... |
POST | /admin/enable | Disassociates GuardDuty member accounts (from the current administrator account) specified by the account IDs. When you disassociate an invited member from a GuardDuty delegated a... |
GET | /detector/{detectorId}/administrator | Designates an Amazon Web Services account within the organization as your GuardDuty delegated administrator. Only the organization's management account can run this API operation. |
POST | /detector/{detectorId}/coverage/statistics | Provides the details of the GuardDuty administrator account associated with the current GuardDuty member account. If the organization's management account or a delegated administr... |
Install as Skill
Use this API as a Claude Code skill for instant agent access.
CLI Install
lapsh skill-install amazonaws-com-guardduty
Downloads and installs to ~/.claude/skills/amazonaws-com-guardduty/
Recent Versions (1)
2017-11-28(2026-02-13)