- \n
- \u062d\u0633\u0627\u0628 AWS<\/li>\n<\/ul>\n
\u062f\u0631\u0628\u0627\u0631\u0647 Amazon GuardDuty<\/h2>\n
\u0642\u0628\u0644 \u0627\u0632 \u0627\u06cc\u0646\u06a9\u0647 \u0648\u0627\u0631\u062f \u0622\u0645\u0648\u0632\u0634 \u0634\u0648\u06cc\u0645\u060c \u062f\u0631\u06a9 \u0639\u0645\u0644\u06a9\u0631\u062f \u0627\u0633\u0627\u0633\u06cc \u0628\u0631\u062e\u06cc \u0627\u0632 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u062e\u0648\u0627\u0647\u06cc\u0645 \u06a9\u0631\u062f \u0645\u0641\u06cc\u062f \u0627\u0633\u062a. Amazon GuardDuty \u062a\u0634\u062e\u06cc\u0635 \u062a\u0647\u062f\u06cc\u062f \u0631\u0627 \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u062f\u0647\u062f \u06a9\u0647 \u0628\u0647 \u0634\u0645\u0627 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u0628\u0647 \u0637\u0648\u0631 \u0645\u062f\u0627\u0648\u0645 \u062d\u0633\u0627\u0628 \u0647\u0627\u06cc AWS\u060c \u0628\u0627\u0631\u0647\u0627\u06cc \u06a9\u0627\u0631\u06cc \u0648 \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u0630\u062e\u06cc\u0631\u0647 \u0634\u062f\u0647 \u062f\u0631 \u0633\u0631\u0648\u06cc\u0633 \u0630\u062e\u06cc\u0631\u0647 \u0633\u0627\u0632\u06cc \u0633\u0627\u062f\u0647 \u0622\u0645\u0627\u0632\u0648\u0646 (S3) \u0631\u0627 \u0646\u0638\u0627\u0631\u062a \u0648 \u0645\u062d\u0627\u0641\u0638\u062a \u06a9\u0646\u06cc\u062f. GuardDuty \u062c\u0631\u06cc\u0627\u0646\u200c\u0647\u0627\u06cc \u0645\u062a\u0627\u062f\u06cc\u062a\u0627\u06cc \u067e\u06cc\u0648\u0633\u062a\u0647 \u062a\u0648\u0644\u06cc\u062f \u0634\u062f\u0647 \u0627\u0632 \u062d\u0633\u0627\u0628 \u0648 \u0641\u0639\u0627\u0644\u06cc\u062a \u0634\u0628\u06a9\u0647 \u0634\u0645\u0627 \u0631\u0627 \u06a9\u0647 \u062f\u0631 \u0631\u0648\u06cc\u062f\u0627\u062f\u0647\u0627\u06cc AWS CloudTrail\u060c \u06af\u0632\u0627\u0631\u0634\u200c\u0647\u0627\u06cc \u062c\u0631\u06cc\u0627\u0646 \u0627\u0628\u0631 \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0622\u0645\u0627\u0632\u0648\u0646 (VPC) \u0648 \u06af\u0632\u0627\u0631\u0634\u200c\u0647\u0627\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0646\u0627\u0645 \u062f\u0627\u0645\u0646\u0647 (DNS) \u06cc\u0627\u0641\u062a \u0645\u06cc\u200c\u0634\u0648\u062f\u060c \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0645\u06cc\u200c\u06a9\u0646\u062f. GuardDuty \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0632 \u0647\u0648\u0634 \u062a\u0647\u062f\u06cc\u062f \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647 \u0645\u0627\u0646\u0646\u062f \u0622\u062f\u0631\u0633 \u0647\u0627\u06cc IP \u0645\u062e\u0631\u0628 \u0634\u0646\u0627\u062e\u062a\u0647 \u0634\u062f\u0647\u060c \u062a\u0634\u062e\u06cc\u0635 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0648 \u06cc\u0627\u062f\u06af\u06cc\u0631\u06cc \u0645\u0627\u0634\u06cc\u0646 (ML) \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u062f\u0642\u06cc\u0642 \u062a\u0631 \u062a\u0647\u062f\u06cc\u062f\u0647\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n
GuardDuty \u06a9\u0627\u0645\u0644\u0627\u064b \u0645\u0633\u062a\u0642\u0644 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0634\u0645\u0627 \u0639\u0645\u0644 \u0645\u06cc \u06a9\u0646\u062f\u060c \u0628\u0646\u0627\u0628\u0631\u0627\u06cc\u0646 \u0647\u06cc\u0686 \u062e\u0637\u0631\u06cc \u0628\u0631\u0627\u06cc \u062a\u0623\u062b\u06cc\u0631 \u0639\u0645\u0644\u06a9\u0631\u062f \u06cc\u0627 \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0628\u0648\u062f\u0646 \u0628\u0631 \u062d\u062c\u0645 \u06a9\u0627\u0631\u06cc \u0634\u0645\u0627 \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0631\u062f. \u0627\u06cc\u0646 \u0633\u0631\u0648\u06cc\u0633 \u0628\u0647 \u0637\u0648\u0631 \u06a9\u0627\u0645\u0644 \u0628\u0627 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647 \u062a\u0647\u062f\u06cc\u062f\u060c \u062a\u0634\u062e\u06cc\u0635 \u0646\u0627\u0647\u0646\u062c\u0627\u0631\u06cc \u0648 ML \u0645\u062f\u06cc\u0631\u06cc\u062a \u0645\u06cc \u0634\u0648\u062f. Amazon GuardDuty \u0647\u0634\u062f\u0627\u0631\u0647\u0627\u06cc \u062f\u0642\u06cc\u0642 \u0648 \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0631\u0627 \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc \u062f\u0647\u062f \u06a9\u0647 \u0628\u0647 \u0631\u0627\u062d\u062a\u06cc \u0628\u0627 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u0631\u0648\u06cc\u062f\u0627\u062f \u0648 \u06af\u0631\u062f\u0634 \u06a9\u0627\u0631 \u0645\u0648\u062c\u0648\u062f \u0627\u062f\u063a\u0627\u0645 \u0645\u06cc \u0634\u0648\u0646\u062f. \u0647\u06cc\u0686 \u0647\u0632\u06cc\u0646\u0647 \u0627\u0648\u0644\u06cc\u0647 \u0627\u06cc \u0648\u062c\u0648\u062f \u0646\u062f\u0627\u0631\u062f \u0648 \u0634\u0645\u0627 \u0641\u0642\u0637 \u0628\u0631\u0627\u06cc \u0631\u0648\u06cc\u062f\u0627\u062f\u0647\u0627\u06cc \u062a\u062c\u0632\u06cc\u0647 \u0648 \u062a\u062d\u0644\u06cc\u0644 \u0634\u062f\u0647 \u067e\u0631\u062f\u0627\u062e\u062a \u0645\u06cc \u06a9\u0646\u06cc\u062f\u060c \u0628\u062f\u0648\u0646 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0627\u0636\u0627\u0641\u06cc \u0628\u0631\u0627\u06cc \u0627\u0633\u062a\u0642\u0631\u0627\u0631 \u06cc\u0627 \u0627\u0634\u062a\u0631\u0627\u06a9 \u0641\u06cc\u062f \u0627\u0637\u0644\u0627\u0639\u0627\u062a\u06cc \u062a\u0647\u062f\u06cc\u062f.<\/p>\n
\u062f\u0631\u0628\u0627\u0631\u0647 Terraform \u0648 Cloud9<\/h2>\n
Terraform \u06cc\u06a9 \u0627\u0628\u0632\u0627\u0631 Infrastructure-as-Code (IaC) \u0627\u0633\u062a \u06a9\u0647 \u062a\u0648\u0633\u0637 Hashicorp \u0627\u06cc\u062c\u0627\u062f \u0634\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u0634\u0645\u0627 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u0632\u06cc\u0631\u0633\u0627\u062e\u062a \u0631\u0627 \u0628\u0627 \u0641\u0627\u06cc\u0644 \u0647\u0627\u06cc \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0628\u0647 \u062c\u0627\u06cc \u0631\u0627\u0628\u0637 \u06a9\u0627\u0631\u0628\u0631\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u06a9\u0646\u06cc\u062f. \u0628\u0627 Terraform \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u200c\u0647\u0627\u06cc \u062e\u0648\u062f \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0644\u200c\u0647\u0627\u06cc \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u062e\u0648\u0627\u0646\u0627 \u0648 \u0627\u0639\u0644\u0627\u0645\u06cc \u0628\u0633\u0627\u0632\u06cc\u062f\u060c \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u06cc\u062f \u0648 \u0646\u0627\u0628\u0648\u062f \u06a9\u0646\u06cc\u062f. \u0628\u0644\u0647\u060c \u0634\u0645\u0627 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0632\u06cc\u0631\u0633\u0627\u062e\u062a AWS \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 Terraform \u0628\u0633\u0627\u0632\u06cc\u062f\u060c \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u06cc\u062f \u0648 \u0627\u0632 \u0628\u06cc\u0646 \u0628\u0628\u0631\u06cc\u062f – \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u06cc\u06a9 \u067e\u0644\u0627\u06af\u06cc\u0646 Terraform \u0628\u0647 \u0646\u0627\u0645 Provider. \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f\u0647 AWS \u0628\u0647 Terraform \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0631\u0627\u0628\u0637 \u0628\u0631\u0646\u0627\u0645\u0647 \u0646\u0648\u06cc\u0633\u06cc \u0628\u0631\u0646\u0627\u0645\u0647 AWS (API) \u062a\u0639\u0627\u0645\u0644 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f.<\/p>\n
\u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634 \u0627\u0632 AWS Cloud9 \u0628\u0631\u0627\u06cc \u0627\u0646\u062c\u0627\u0645 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc Terraform \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u062f. AWS Cloud9 \u06cc\u06a9 \u0645\u062d\u06cc\u0637 \u062a\u0648\u0633\u0639\u0647 \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647 \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 \u0627\u0628\u0631 (IDE) \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u0634\u0645\u0627 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u06a9\u062f \u062e\u0648\u062f \u0631\u0627 \u0641\u0642\u0637 \u0628\u0627 \u06cc\u06a9 \u0645\u0631\u0648\u0631\u06af\u0631 \u0628\u0646\u0648\u06cc\u0633\u06cc\u062f\u060c \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f \u0648 \u0627\u0634\u06a9\u0627\u0644 \u0632\u062f\u0627\u06cc\u06cc \u06a9\u0646\u06cc\u062f. \u0627\u06cc\u0646 \u0634\u0627\u0645\u0644 \u06cc\u06a9 \u0648\u06cc\u0631\u0627\u06cc\u0634\u06af\u0631 \u06a9\u062f\u060c \u062f\u06cc\u0628\u0627\u06af\u0631 \u0648 \u062a\u0631\u0645\u06cc\u0646\u0627\u0644 \u0627\u0633\u062a. Cloud9 \u0628\u0627 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0636\u0631\u0648\u0631\u06cc \u0628\u0631\u0627\u06cc \u0632\u0628\u0627\u0646 \u0647\u0627\u06cc \u0628\u0631\u0646\u0627\u0645\u0647 \u0646\u0648\u06cc\u0633\u06cc \u0645\u062d\u0628\u0648\u0628 \u0627\u0632 \u062c\u0645\u0644\u0647 \u062c\u0627\u0648\u0627 \u0627\u0633\u06a9\u0631\u06cc\u067e\u062a\u060c \u067e\u0627\u06cc\u062a\u0648\u0646\u060c PHP \u0648 Terraform \u0627\u0632 \u067e\u06cc\u0634 \u0628\u0633\u062a\u0647 \u0628\u0646\u062f\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a\u060c \u0628\u0646\u0627\u0628\u0631\u0627\u06cc\u0646 \u0628\u0631\u0627\u06cc \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u0627\u06cc\u0646 \u06a9\u0627\u0631\u06af\u0627\u0647 \u0646\u06cc\u0627\u0632\u06cc \u0628\u0647 \u0646\u0635\u0628 \u0641\u0627\u06cc\u0644 \u0647\u0627 \u06cc\u0627 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u062f\u0633\u062a\u06af\u0627\u0647 \u062a\u0648\u0633\u0639\u0647 \u062e\u0648\u062f \u0646\u062f\u0627\u0631\u06cc\u062f. Cloud9 \u0628\u0631 \u0631\u0648\u06cc \u06cc\u06a9 \u0646\u0645\u0648\u0646\u0647 EC2 \u0627\u062c\u0631\u0627 \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u0647\u0646\u06af\u0627\u0645 \u0634\u0631\u0648\u0639 \u0627\u06cc\u0646 \u06a9\u0627\u0631\u06af\u0627\u0647 \u0628\u0631\u0627\u06cc \u0634\u0645\u0627 \u0627\u06cc\u062c\u0627\u062f \u0634\u062f\u0647 \u0627\u0633\u062a.<\/p>\n
\u0622\u0646\u0686\u0647 \u0634\u0645\u0627 \u0627\u0646\u062c\u0627\u0645 \u062e\u0648\u0627\u0647\u06cc\u062f \u062f\u0627\u062f<\/h2>\n
- \n
- \u06cc\u06a9 \u0645\u06cc\u0632\u0628\u0627\u0646 “\u0645\u062e\u0627\u0637\u0628” \u0628\u0627 \u06cc\u06a9 \u0645\u06cc\u0632\u0628\u0627\u0646 “\u062f\u0631 \u062e\u0637\u0631” \u062a\u0639\u0627\u0645\u0644 \u0645\u06cc \u06a9\u0646\u062f \u0648 \u0628\u0627\u0639\u062b \u0645\u06cc \u0634\u0648\u062f GuardDuty \u06cc\u06a9 \u06cc\u0627\u0641\u062a\u0647 \u0631\u0627 \u06af\u0632\u0627\u0631\u0634 \u06a9\u0646\u062f.<\/li>\n
- \u0627\u06cc\u0646 \u06cc\u0627\u0641\u062a\u0647 \u062f\u0631 \u06cc\u06a9 \u0642\u0627\u0646\u0648\u0646 EventBridge \u06a9\u0647 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 Terraform \u0627\u06cc\u062c\u0627\u062f \u062e\u0648\u0627\u0647\u06cc\u062f \u06a9\u0631\u062f\u060c \u0645\u0637\u0627\u0628\u0642\u062a \u062f\u0627\u062f\u0647 \u0645\u06cc \u0634\u0648\u062f. \u0642\u0627\u0646\u0648\u0646 EventBridge \u062f\u0648 \u06a9\u0627\u0631 \u0632\u06cc\u0631 \u0631\u0627 \u0627\u0646\u062c\u0627\u0645 \u0645\u06cc \u062f\u0647\u062f:<\/li>\n
- \u06cc\u06a9 \u0642\u0627\u0646\u0648\u0646 SNS \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 Terraform \u0627\u06cc\u062c\u0627\u062f \u062e\u0648\u0627\u0647\u06cc\u062f \u06a9\u0631\u062f. \u0627\u06cc\u0646 \u0642\u0627\u0646\u0648\u0646 SNS \u06cc\u06a9 \u0627\u06cc\u0645\u06cc\u0644 \u0628\u0647 \u06cc\u06a9 \u0645\u062f\u06cc\u0631 \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0628\u0627 \u0645\u062a\u0646\u06cc \u062e\u0648\u0627\u0646\u0627 \u0627\u0631\u0633\u0627\u0644 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u06cc\u0627\u0641\u062a\u0647 \u0647\u0627 \u0631\u0627 \u062a\u0648\u0636\u06cc\u062d \u0645\u06cc \u062f\u0647\u062f.<\/li>\n
- \u06cc\u06a9 \u062a\u0627\u0628\u0639 Lambda \u0631\u0627 \u0641\u0639\u0627\u0644 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 Terraform \u0627\u06cc\u062c\u0627\u062f \u062e\u0648\u0627\u0647\u06cc\u062f \u06a9\u0631\u062f. \u062a\u0627\u0628\u0639 Lambda \u0645\u06cc\u0632\u0628\u0627\u0646 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0631\u0627 \u0628\u0647 \u06cc\u06a9 \u06af\u0631\u0648\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u067e\u0632\u0634\u06a9\u06cc \u0642\u0627\u0646\u0648\u0646\u06cc \u0645\u0646\u062a\u0642\u0644 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u062f\u0631 \u0622\u0646\u062c\u0627 \u0628\u0631\u0627\u06cc \u0628\u0631\u0631\u0633\u06cc \u0628\u06cc\u0634\u062a\u0631 \u062c\u062f\u0627 \u0645\u06cc \u0634\u0648\u062f.<\/li>\n<\/ol>\n
\u0645\u0631\u062d\u0644\u0647 1. \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u0627\u0648\u0644\u06cc\u0647 \u0631\u0627 \u0628\u0627\u0631\u06af\u06cc\u0631\u06cc \u06a9\u0646\u06cc\u062f<\/h2>\n
\u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634 \u0627\u0632 \u06cc\u06a9 \u0627\u0644\u06af\u0648\u06cc AWS CloudFormation \u0628\u0631\u0627\u06cc \u062a\u0647\u06cc\u0647 \u0645\u0646\u0627\u0628\u0639 \u0627\u0648\u0644\u06cc\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u062f. \u0627\u06cc\u0646 \u06a9\u0627\u0631 \u0628\u0647 \u0627\u06cc\u0646 \u062f\u0644\u06cc\u0644 \u0627\u0646\u062c\u0627\u0645 \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u0628\u062a\u0648\u0627\u0646\u06cc\u062f \u0641\u0642\u0637 \u0628\u0631 \u0631\u0648\u06cc \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0632\u0645\u06cc\u0646\u06cc \u0631\u0627\u0647 \u062d\u0644 \u0627\u0645\u0646\u06cc\u062a\u06cc \u062e\u0648\u062f \u062a\u0645\u0631\u06a9\u0632 \u06a9\u0646\u06cc\u062f. \u0627\u0644\u06af\u0648\u06cc CloudFormation \u06cc\u06a9 \u067e\u0634\u062a\u0647 \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u062f. \u067e\u0634\u062a\u0647 \u0627\u0632 \u06cc\u06a9 \u0646\u0645\u0648\u0646\u0647 AWS Cloud9 IDE \u062a\u0634\u06a9\u06cc\u0644 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0645\u0627 \u0627\u0632 \u0627\u06cc\u0646 \u0646\u0645\u0648\u0646\u0647 Cloud9 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645 \u062a\u0627 \u0647\u0645\u0647 \u06a9\u0633\u0627\u0646\u06cc \u06a9\u0647 \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634 \u0631\u0627 \u0627\u062c\u0631\u0627 \u0645\u06cc \u06a9\u0646\u0646\u062f \u062a\u062c\u0631\u0628\u0647 \u0648\u06cc\u0631\u0627\u06cc\u0634 \u0648 \u067e\u06cc\u0627\u062f\u0647 \u0633\u0627\u0632\u06cc \u06cc\u06a9\u0633\u0627\u0646\u06cc \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u0646\u062f. \u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u0647\u0646\u06af\u0627\u0645\u06cc \u06a9\u0647 \u067e\u0634\u062a\u0647 \u0631\u0627 \u062f\u0631 US-WEST-2 \u067e\u06cc\u0627\u062f\u0647 \u0633\u0627\u0632\u06cc \u0645\u06cc \u06a9\u0646\u06cc\u062f\u060c \u0645\u0637\u0645\u0626\u0646 \u0645\u06cc \u0634\u0648\u06cc\u062f \u06a9\u0647 \u06cc\u06a9 \u0646\u0645\u0648\u0646\u0647 t3.small \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f. \u0627\u06af\u0631 \u0627\u0644\u06af\u0648 \u062f\u0631 \u0645\u0646\u0627\u0637\u0642 \u062f\u06cc\u06af\u0631 \u0645\u0633\u062a\u0642\u0631 \u0627\u0633\u062a\u060c \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0644\u0627\u0632\u0645 \u0628\u0627\u0634\u062f \u0627\u0644\u06af\u0648 \u0631\u0627 \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u06cc\u062f \u062a\u0627 \u0627\u0632 \u0646\u0648\u0639 \u0646\u0645\u0648\u0646\u0647 \u062f\u06cc\u06af\u0631\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f \u0627\u06af\u0631 t3.small \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0646\u06cc\u0633\u062a.<\/p>\n
1.1. \u0628\u0647 AWS CloudFormation \u062f\u0631 \u06a9\u0646\u0633\u0648\u0644 \u0645\u062f\u06cc\u0631\u06cc\u062a AWS \u0628\u0631\u0648\u06cc\u062f \u0648 \u0628\u0627 \u06a9\u0644\u06cc\u06a9 \u0628\u0631 \u0631\u0648\u06cc \u062f\u06a9\u0645\u0647 \u0627\u06cc\u062c\u0627\u062f \u067e\u0634\u062a\u0647 \u06cc\u06a9 \u067e\u0634\u062a\u0647 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n1.2. \u0622\u067e\u0644\u0648\u062f \u0641\u0627\u06cc\u0644 \u0627\u0644\u06af\u0648 \u0631\u0627 \u0627\u0646\u062a\u062e\u0627\u0628 \u06a9\u0646\u06cc\u062f \u0648 \u0641\u0627\u06cc\u0644 gd-iac-initial.yml \u0631\u0627 \u0627\u0632 \u0645\u062e\u0632\u0646 \u06a9\u062f \u0646\u0645\u0648\u0646\u0647 \u0627\u0631\u0627\u0626\u0647 \u0634\u062f\u0647 \u062f\u0631 \u0628\u0627\u0644\u0627 \u0622\u067e\u0644\u0648\u062f \u06a9\u0646\u06cc\u062f. \u0633\u067e\u0633 \u0631\u0648\u06cc Next \u06a9\u0644\u06cc\u06a9 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n1.3. \u06cc\u06a9 \u0646\u0627\u0645 \u067e\u0634\u062a\u0647 \u0648\u0627\u0631\u062f \u06a9\u0646\u06cc\u062f \u0648 \u0631\u0648\u06cc Next \u06a9\u0644\u06cc\u06a9 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n1.4. \u062f\u0631 \u0635\u0641\u062d\u0647 Configure stack options \u0631\u0648\u06cc Next \u06a9\u0644\u06cc\u06a9 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n1.5. \u062f\u0631 \u0635\u0641\u062d\u0647 \u0628\u0631\u0631\u0633\u06cc\u060c \u0628\u0647 \u067e\u0627\u06cc\u06cc\u0646 \u0628\u0631\u0648\u06cc\u062f \u0648 \u0631\u0648\u06cc \u06a9\u0627\u062f\u0631 \u062a\u0623\u06cc\u06cc\u062f \u06a9\u0644\u06cc\u06a9 \u06a9\u0646\u06cc\u062f \u062a\u0627 \u062a\u0623\u06cc\u06cc\u062f \u06a9\u0646\u06cc\u062f \u06a9\u0647 AWS CloudFormation \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0645\u0646\u0627\u0628\u0639 IAM \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u062f\u060c \u0633\u067e\u0633 \u0631\u0648\u06cc Next \u06a9\u0644\u06cc\u06a9 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n1.6. \u0645\u0631\u0627\u0642\u0628 \u0628\u0627\u0634\u06cc\u062f \u06a9\u0647 \u067e\u0634\u062a\u0647 \u062f\u0631 \u062d\u0627\u0644\u062a \u0627\u06cc\u062c\u0627\u062f \u06a9\u0627\u0645\u0644 \u0628\u0627\u0634\u062f.<\/h5>\n
\n\u062f\u0631 \u0627\u06cc\u0646 \u0645\u0631\u062d\u0644\u0647 \u0634\u0645\u0627 \u0645\u0646\u0627\u0628\u0639 \u0627\u0648\u0644\u06cc\u0647 \u0627\u06cc \u0631\u0627 \u06a9\u0647 \u0628\u0631\u0627\u06cc \u062f\u0646\u0628\u0627\u0644 \u06a9\u0631\u062f\u0646 \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u062e\u0648\u0627\u0647\u06cc\u062f \u06a9\u0631\u062f \u0628\u0647 \u062a\u0646\u0647\u0627\u06cc\u06cc \u0645\u0633\u062a\u0642\u0631 \u06a9\u0631\u062f\u0647 \u0627\u06cc\u062f. \u062f\u0631 \u0645\u0631\u062d\u0644\u0647 \u0628\u0639\u062f \u0628\u0647 \u0646\u0645\u0648\u0646\u0647 Cloud9 \u06a9\u0647 \u067e\u0634\u062a\u0647 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u062e\u0648\u0627\u0647\u06cc\u062f \u062f\u0627\u0634\u062a \u0648 Terraform \u0631\u0627 \u0645\u0642\u062f\u0627\u0631\u062f\u0647\u06cc \u0627\u0648\u0644\u06cc\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u062f.<\/p>\n\u0645\u0631\u062d\u0644\u0647 2. \u0628\u0647 Cloud9 \u062f\u0633\u062a\u0631\u0633\u06cc \u067e\u06cc\u062f\u0627 \u06a9\u0631\u062f\u0647 \u0648 Terraform \u0631\u0627 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u06a9\u0646\u06cc\u062f<\/h2>\n
2.1. AWS Cloud9 \u0631\u0627 \u062f\u0631 \u06a9\u0646\u0633\u0648\u0644 \u0645\u062f\u06cc\u0631\u06cc\u062a AWS \u0628\u0627\u0632 \u06a9\u0646\u06cc\u062f \u0648 \u0645\u062d\u06cc\u0637 \u0631\u0627 \u062f\u0631 Cloud9 IDE \u0628\u0627\u0632 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n2.2. \u062f\u0631 \u0627\u0648\u0644\u0648\u06cc\u062a\u200c\u0647\u0627\u06cc Cloud9\u060c \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u0645\u0648\u0642\u062a \u0645\u062f\u06cc\u0631\u06cc\u062a\u200c\u0634\u062f\u0647 AWS \u0631\u0627 \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n2.3. \u0627\u0632 \u062a\u0631\u0645\u06cc\u0646\u0627\u0644 \u0645\u0648\u062c\u0648\u062f \u062f\u0631 \u0646\u0645\u0648\u0646\u0647 Cloud9\u060c \u0645\u062e\u0632\u0646 \u06a9\u062f \u0627\u0648\u0644\u06cc\u0647 \u0631\u0627 \u0634\u0628\u06cc\u0647 \u0633\u0627\u0632\u06cc \u06a9\u0646\u06cc\u062f.<\/h5>\n\ngit clone https:\/\/github.com\/build-on-aws\/automating-amazon-guardduty-with-iac.git\r\n<\/code><\/pre>\n<\/div>\n2.4. \u0628\u0647 \u062f\u0627\u06cc\u0631\u06a9\u062a\u0648\u0631\u06cc automating-amazon-guardduty-with-iac \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u06cc\u062f \u0648 \u06cc\u06a9 terraform init\u060c terraform plan \u0648 terraform \u0627\u0639\u0645\u0627\u0644 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n\u06cc\u06a9 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u0645\u0648\u0641\u0642 \u0634\u0628\u06cc\u0647 \u0645\u0648\u0627\u0631\u062f \u0632\u06cc\u0631 \u062e\u0648\u0627\u0647\u062f \u0628\u0648\u062f:<\/p>\n
\n2.5. \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u062f\u0648 \u0646\u0645\u0648\u0646\u0647 \u062c\u062f\u06cc\u062f EC2 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f\u060c \u06cc\u06a9\u06cc \u0628\u0627 \u0646\u0627\u0645 IAC Tutorial: Compromised Instance \u0648 \u062f\u06cc\u06af\u0631\u06cc \u0628\u0627 \u0646\u0627\u0645 IAC Tutorial: Malicious Instance.<\/h5>\n
\n\u062f\u0631 \u0627\u06cc\u0646 \u0645\u0631\u062d\u0644\u0647\u060c \u0634\u0645\u0627 \u06cc\u06a9 VPC \u0648 \u062f\u0648 \u0646\u0645\u0648\u0646\u0647 EC2 \u0631\u0627 \u0645\u0633\u062a\u0642\u0631 \u06a9\u0631\u062f\u0647 \u0627\u06cc\u062f. \u062f\u0648 \u0646\u0645\u0648\u0646\u0647 EC2 \u0628\u0627 \u06cc\u06a9\u062f\u06cc\u06af\u0631 \u0635\u062d\u0628\u062a \u0645\u06cc\u200c\u06a9\u0646\u0646\u062f \u0648 \u0628\u0639\u062f\u0627\u064b \u0648\u0642\u062a\u06cc \u06cc\u06a9\u06cc \u0627\u0632 \u0646\u0645\u0648\u0646\u0647\u200c\u0647\u0627\u06cc EC2 Elastic \u0622\u062f\u0631\u0633 IP \u0631\u0627 \u0628\u0647 \u0644\u06cc\u0633\u062a \u062a\u0647\u062f\u06cc\u062f \u0627\u0636\u0627\u0641\u0647 \u0645\u06cc\u200c\u06a9\u0646\u06cc\u062f\u060c \u0628\u0627\u0639\u062b \u0645\u06cc\u200c\u0634\u0648\u062f GuardDuty \u06cc\u06a9 \u06cc\u0627\u0641\u062a\u0647 \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u062f. \u0627\u0632 \u0627\u06cc\u0646 \u0645\u0631\u062d\u0644\u0647 \u0628\u0647 \u0628\u0639\u062f\u060c \u0634\u0645\u0627 \u0647\u0631 \u06cc\u06a9 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639\u06cc \u0631\u0627 \u06a9\u0647 \u0628\u062e\u0634\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062d\u0644 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0648\u0627\u0642\u0639\u06cc \u0647\u0633\u062a\u0646\u062f \u0627\u06cc\u062c\u0627\u062f \u062e\u0648\u0627\u0647\u06cc\u062f \u06a9\u0631\u062f.<\/p>\n\u0645\u0631\u062d\u0644\u0647 3: \u06cc\u06a9 \u0633\u0637\u0644 S3 \u0628\u0631\u0627\u06cc \u0630\u062e\u06cc\u0631\u0647 \u0644\u06cc\u0633\u062a \u062a\u0647\u062f\u06cc\u062f \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f<\/h2>\n
GuardDuty \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u062f\u0648 \u0646\u0648\u0639 \u0644\u06cc\u0633\u062a \u0627\u0634\u0627\u0631\u0647 \u06a9\u0646\u062f: \u06cc\u06a9 \u0644\u06cc\u0633\u062a IP \u0645\u0648\u0631\u062f \u0627\u0639\u062a\u0645\u0627\u062f \u0648 \u06cc\u06a9 \u0644\u06cc\u0633\u062a IP \u062a\u0647\u062f\u06cc\u062f. GuardDuty \u06cc\u0627\u0641\u062a\u0647 \u0647\u0627\u06cc\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0622\u062f\u0631\u0633 \u0647\u0627\u06cc IP \u06a9\u0647 \u062f\u0631 \u0644\u06cc\u0633\u062a \u0647\u0627\u06cc IP \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u06af\u0646\u062c\u0627\u0646\u062f\u0647 \u0634\u062f\u0647 \u0627\u0646\u062f \u0627\u06cc\u062c\u0627\u062f \u0646\u0645\u06cc \u06a9\u0646\u062f\u060c \u0627\u0645\u0627 \u06cc\u0627\u0641\u062a\u0647 \u0647\u0627\u06cc\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0622\u062f\u0631\u0633 \u0647\u0627\u06cc IP \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u062f\u0631 \u0644\u06cc\u0633\u062a \u0647\u0627\u06cc IP \u062a\u0647\u062f\u06cc\u062f \u06af\u0646\u062c\u0627\u0646\u062f\u0647 \u0634\u062f\u0647 \u0627\u0646\u062f. \u0627\u0632 \u0622\u0646\u062c\u0627\u06cc\u06cc \u06a9\u0647 \u0645\u06cc \u062e\u0648\u0627\u0647\u06cc\u0645 \u062f\u0631 \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634 \u0628\u0647 \u0627\u062c\u0628\u0627\u0631 \u06cc\u06a9 \u06cc\u0627\u0641\u062a\u0647 \u0631\u0627 \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u06cc\u0645\u060c \u0627\u0632 \u06cc\u06a9 \u0644\u06cc\u0633\u062a IP \u062a\u0647\u062f\u06cc\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645.<\/p>\n
3.1. \u0628\u0627 \u0627\u06cc\u062c\u0627\u062f \u06cc\u06a9 \u0645\u062a\u063a\u06cc\u0631 \u062f\u0631 modules\/s3\/variables.tf \u0628\u0631\u0627\u06cc vpc_id \u0634\u0631\u0648\u0639 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\nvariable \"vpc_id\" {\r\n}\r\n<\/code><\/pre>\n<\/div>\n3.2. \u0628\u0639\u062f\u060c \u062f\u0631 \u0641\u0627\u06cc\u0644 modules\/s3\/main.tf\u060c \u0634\u0645\u0627\u0631\u0647 \u062d\u0633\u0627\u0628 \u06a9\u0627\u0631\u0628\u0631\u06cc \u0641\u0639\u0644\u06cc AWS \u0631\u0627 \u062f\u0631\u06cc\u0627\u0641\u062a \u06a9\u0631\u062f\u0647 \u0648 \u06cc\u06a9 \u0645\u0646\u0628\u0639 \u0633\u0637\u0644 S3 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n# GET CURRENT AWS ACCOUNT NUMBER\r\ndata \"aws_caller_identity\" \"current\" {}\r\n# CREATE TWO S3 BUCKETS\r\nresource \"aws_s3_bucket\" \"bucket\" {\r\nbucket = \"guardduty-example-${data.aws_caller_identity.current.account_id}-us-east-1\"\r\nforce_destroy = true\r\n}\r\nresource \"aws_s3_bucket\" \"flow-log-bucket\" {\r\nbucket = \"vpc-flow-logs-${data.aws_caller_identity.current.account_id}-us-east-1\"\r\nforce_destroy = true\r\n}\r\n<\/code><\/pre>\n<\/div>\n<\/blockquote>\n
3.3. \u0633\u067e\u0633 VPC Flow log \u0647\u0627 \u0631\u0627 \u062f\u0631 \u0633\u0637\u0644 S3 \u0641\u0639\u0627\u0644 \u06a9\u0646\u06cc\u062f. \u0627\u06cc\u0646 \u0645\u0648\u0631\u062f \u0646\u06cc\u0627\u0632 \u0646\u06cc\u0633\u062a\u060c \u0627\u0645\u0627 \u0628\u0647 \u0645\u0627 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u06af\u0632\u0627\u0631\u0634 \u0647\u0627\u06cc\u06cc \u0631\u0627 \u06a9\u0647 GuardDuty \u0645\u06cc \u0628\u06cc\u0646\u062f\u060c \u0645\u0634\u0627\u0647\u062f\u0647 \u06a9\u0646\u06cc\u0645.<\/h5>\n
\n# VPC FLOW LOGS\r\nresource \"aws_flow_log\" \"flow_log_example\" {\r\nlog_destination = aws_s3_bucket.flow-log-bucket.arn\r\nlog_destination_type = \"s3\"\r\ntraffic_type = \"ALL\"\r\nvpc_id = var.vpc_id\r\n}\r\n<\/code><\/pre>\n<\/div>\n3.4. \u062f\u0631 \u0646\u0647\u0627\u06cc\u062a\u060c \u0645\u0642\u0627\u062f\u06cc\u0631 bucket_id \u0648 bucket_arn \u0631\u0627 \u062f\u0631 \u0641\u0627\u06cc\u0644 modules\/s3\/outputs.tf \u062e\u0627\u0631\u062c \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n# S3 Bucket id\r\noutput \"bucket_id\" {\r\nvalue = aws_s3_bucket.bucket.id\r\ndescription = \"Output of s3 bucket id.\"\r\n}\r\n# S3 Bucket arn\r\noutput \"bucket_arn\" {\r\nvalue = aws_s3_bucket.bucket.arn\r\ndescription = \"Output of s3 bucket arn.\"\r\n}\r\n<\/code><\/pre>\n<\/div>\n3.5. \u062d\u0627\u0644\u0627 \u0628\u0647 \u0641\u0627\u06cc\u0644 root\/main.tf \u0628\u0631\u06af\u0631\u062f\u06cc\u062f \u0648 \u0633\u0637\u0644 S3 \u0631\u0627 \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n# CREATES S3 BUCKET\r\nmodule \"s3_bucket\" {\r\nsource = \".\/modules\/s3\"\r\nvpc_id = module.iac_vpc.vpc_attributes.id\r\n}\r\n<\/code><\/pre>\n<\/div>\n\u062f\u0631 \u0627\u06cc\u0646 \u0645\u0631\u062d\u0644\u0647 \u0634\u0645\u0627 \u062f\u0648 \u0633\u0637\u0644 S3 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u0647 \u0627\u06cc\u062f. \u0627\u06af\u0631 \u0645\u06cc\u200c\u062e\u0648\u0627\u0647\u06cc\u062f \u062e\u0648\u062f\u062a\u0627\u0646 \u0622\u0646\u0647\u0627 \u0631\u0627 \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f\u060c \u06cc\u06a9 \u0633\u0637\u0644 \u0628\u0631\u0627\u06cc \u06af\u0632\u0627\u0631\u0634\u200c\u0647\u0627\u06cc \u062c\u0631\u06cc\u0627\u0646 VPC \u0627\u0633\u062a. \u0633\u0637\u0644 \u062f\u06cc\u06af\u0631 \u062d\u0627\u0648\u06cc \u0644\u06cc\u0633\u062a \u062a\u0647\u062f\u06cc\u062f\u0627\u062a\u06cc \u0627\u0633\u062a \u06a9\u0647 \u062f\u0631 \u0645\u0631\u062d\u0644\u0647 \u0628\u0639\u062f \u0627\u06cc\u062c\u0627\u062f \u062e\u0648\u0627\u0647\u06cc\u062f \u06a9\u0631\u062f.<\/p>\n
\u0645\u0631\u062d\u0644\u0647 4: \u0645\u0627\u0698\u0648\u0644 \u0647\u0627\u06cc GuardDuty Terraform \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f<\/h2>\n
4.1. \u0641\u0627\u06cc\u0644 \u0647\u0627\u06cc GuardDuty Module \u0628\u0631\u0627\u06cc \u0634\u0645\u0627 \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0627\u0646\u062f\u060c \u0627\u0645\u0627 \u0645\u0627\u0646\u0646\u062f \u0641\u0627\u06cc\u0644 \u0647\u0627\u06cc S3 \u062e\u0627\u0644\u06cc \u0647\u0633\u062a\u0646\u062f. \u0628\u0627 \u0641\u0627\u06cc\u0644 modules\/guardduty\/variables.tf \u0634\u0631\u0648\u0639 \u06a9\u0646\u06cc\u062f. \u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u0628\u0627\u06cc\u062f \u062f\u0648 \u0645\u062a\u063a\u06cc\u0631 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f. \u0627\u0648\u0644\u06cc \u0645\u062a\u063a\u06cc\u0631\u06cc \u0628\u0647 \u0646\u0627\u0645 bucket \u0627\u0633\u062a \u06a9\u0647 \u0627\u0632 \u0622\u0646 \u0628\u0631\u0627\u06cc \u062a\u0639\u0631\u06cc\u0641 \u062c\u0632\u0626\u06cc\u0627\u062a \u0644\u06cc\u0633\u062a \u062a\u0647\u062f\u06cc\u062f \u0633\u0637\u0644 S3 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645. \u062f\u0648\u0645\u06cc \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 IP \u0645\u062e\u0631\u0628\u06cc \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u0633\u0637\u0644 \u0627\u0636\u0627\u0641\u0647 \u06a9\u0631\u062f\u0647 \u0627\u06cc\u0645.<\/h5>\n
\nvariable \"bucket\" {\r\n}\r\nvariable \"malicious_ip\" {\r\n}\r\n<\/code><\/pre>\n<\/div>\n4.2. \u0633\u067e\u0633 \u0628\u0647 \u0641\u0627\u06cc\u0644 modules\/guardduty\/main.tf \u0628\u0631\u0648\u06cc\u062f.<\/h5>\n
\u062f\u0631 \u0627\u06cc\u0646 \u0641\u0627\u06cc\u0644 \u0634\u0645\u0627 \u0633\u0647 \u0645\u0646\u0628\u0639 \u0631\u0627 \u0627\u0636\u0627\u0641\u0647 \u062e\u0648\u0627\u0647\u06cc\u062f \u06a9\u0631\u062f. \u0627\u0648\u0644\u06cc\u0646 \u0645\u0646\u0628\u0639 \u0622\u0634\u06a9\u0627\u0631\u0633\u0627\u0632 GuardDuty \u0627\u0633\u062a. \u0634\u0645\u0627 \u062f\u0631 \u0627\u0633\u0646\u0627\u062f \u0627\u0631\u0627\u0626\u0647 \u062f\u0647\u0646\u062f\u0647 \u06cc\u0627\u062f\u062f\u0627\u0634\u062a \u062e\u0648\u0627\u0647\u06cc\u062f \u06a9\u0631\u062f \u06a9\u0647 \u06af\u0632\u06cc\u0646\u0647 \u0647\u0627 \u0647\u0645\u0647 \u0627\u062e\u062a\u06cc\u0627\u0631\u06cc \u0647\u0633\u062a\u0646\u062f – \u0647\u06cc\u0686 \u0686\u06cc\u0632 \u062f\u06cc\u06af\u0631\u06cc \u062c\u0632 \u0627\u0639\u0644\u0627\u0645 \u0645\u0646\u0628\u0639 \u0645\u0648\u0631\u062f \u0646\u06cc\u0627\u0632 \u0646\u06cc\u0633\u062a. \u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u0645\u0642\u062f\u0627\u0631 \u0641\u0639\u0627\u0644 \u0634\u062f\u0647 \u0631\u0627 \u062f\u0631 \u0645\u062b\u0627\u0644 \u062e\u0648\u062f \u0631\u0648\u06cc true \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u06cc\u0645 \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 finding_publishing_frequency \u0631\u0627 \u0628\u0647 15 \u062f\u0642\u06cc\u0642\u0647 \u062a\u063a\u06cc\u06cc\u0631 \u0645\u06cc \u062f\u0647\u06cc\u0645. \u067e\u06cc\u0634 \u0641\u0631\u0636 \u06cc\u06a9 \u0633\u0627\u0639\u062a \u0627\u0633\u062a.<\/p>\n
\n# ENABLE THE DETECTOR\r\nresource \"aws_guardduty_detector\" \"gd-tutorial\" {\r\nenable = true\r\nfinding_publishing_frequency = \"FIFTEEN_MINUTES\"\r\n}\r\n<\/code><\/pre>\n<\/div>\n4.3. \u062f\u0631 \u0645\u0631\u062d\u0644\u0647 \u0628\u0639\u062f \u0641\u0627\u06cc\u0644\u06cc \u0631\u0627 \u062f\u0631 \u0633\u0637\u0644 S3 \u06a9\u0647 \u062f\u0631 \u0645\u0631\u062d\u0644\u0647 \u0642\u0628\u0644 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u06cc\u0645 \u0622\u067e\u0644\u0648\u062f \u0645\u06cc \u06a9\u0646\u06cc\u0645. \u0627\u06cc\u0646 \u0645\u0648\u0631\u062f \u0646\u06cc\u0627\u0632 \u0646\u06cc\u0633\u062a\u060c \u0627\u0645\u0627 \u0628\u0631\u0627\u06cc \u0627\u0647\u062f\u0627\u0641 \u0646\u0645\u0627\u06cc\u0634\u06cc \u0645\u06cc\u200c\u062e\u0648\u0627\u0647\u06cc\u0645 \u0627\u0632 \u0622\u062f\u0631\u0633 IP \u06cc\u06a9\u06cc \u0627\u0632 \u0646\u0645\u0648\u0646\u0647\u200c\u0647\u0627\u06cc EC2 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u0645 \u062a\u0627 \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u062d\u0627\u0635\u0644 \u06a9\u0646\u06cc\u0645 \u06a9\u0647 \u06cc\u0627\u0641\u062a\u0647\u200c\u0647\u0627 \u062f\u0631 \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634 \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc\u200c\u0634\u0648\u0646\u062f. \u062f\u0631 \u06a9\u062f \u0632\u06cc\u0631 \u0645\u0627 \u06cc\u06a9 \u0641\u0627\u06cc\u0644 \u0645\u062a\u0646\u06cc \u0631\u0627 \u062f\u0631 \u0633\u0637\u0644 S3 \u062e\u0648\u062f \u0622\u067e\u0644\u0648\u062f \u0645\u06cc \u06a9\u0646\u06cc\u0645 \u06a9\u0647 \u0622\u0646 \u0631\u0627 MyThreatIntelSet \u0645\u06cc \u0646\u0627\u0645\u06cc\u0645 \u0648 \u0645\u062d\u062a\u0648\u0627\u06cc \u0641\u0627\u06cc\u0644 \u0622\u062f\u0631\u0633 IP \u0645\u0648\u062c\u0648\u062f \u062f\u0631 \u0645\u062a\u063a\u06cc\u0631 var.malicious_ip \u062e\u0648\u0627\u0647\u062f \u0628\u0648\u062f.<\/h5>\n
\n# ADD THE EIP\/MALICIOUS IP TO THE BUCKET AS A TEXT FILE.\r\nresource \"aws_s3_object\" \"MyThreatIntelSet\" {\r\ncontent = var.malicious_ip\r\nbucket = var.bucket\r\nkey = \"MyThreatIntelSet\"\r\n}\r\n<\/code><\/pre>\n<\/div>\n4.4. \u062f\u0631 \u0646\u0647\u0627\u06cc\u062a \u0645\u0627 \u06cc\u06a9 \u0645\u0646\u0628\u0639 \u0628\u0647 \u0646\u0627\u0645 aws_guardduty_threatintelset \u0627\u06cc\u062c\u0627\u062f \u062e\u0648\u0627\u0647\u06cc\u0645 \u06a9\u0631\u062f \u06a9\u0647 \u0628\u0647 GuardDuty \u0645\u06cc \u06af\u0648\u06cc\u062f \u06a9\u0647 \u0628\u0627\u06cc\u062f \u0627\u0632 \u0641\u0627\u06cc\u0644\u06cc \u06a9\u0647 \u062f\u0631 \u0645\u06a9\u0627\u0646 \u062a\u0639\u0631\u06cc\u0641 \u0634\u062f\u0647 \u0642\u0631\u0627\u0631 \u062f\u0627\u0631\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u062f (\u0627\u06cc\u0646 \u0647\u0645\u0627\u0646 \u0686\u06cc\u0632\u06cc \u0627\u0633\u062a \u06a9\u0647 activate = true \u0627\u0646\u062c\u0627\u0645 \u0645\u06cc \u062f\u0647\u062f).<\/h5>\n
\n# HAVE GUARDDUTY LOOK AT THE TEXT FILE IN S3\r\nresource \"aws_guardduty_threatintelset\" \"Example-Threat-List\" {\r\nactivate = true\r\ndetector_id = aws_guardduty_detector.gd-tutorial.id\r\nformat = \"TXT\"\r\nlocation = \"https:\/\/s3.amazonaws.com\/${aws_s3_object.MyThreatIntelSet.bucket}\/${aws_s3_object.MyThreatIntelSet.key}\"\r\nname = \"MyThreatIntelSet\"\r\n}\r\n<\/code><\/pre>\n<\/div>\n4.5. \u0633\u067e\u0633 \u0628\u0647 \u0641\u0627\u06cc\u0644 root\/main.tf \u0628\u0631\u0648\u06cc\u062f \u0648 \u0645\u0627\u0698\u0648\u0644 GuardDuty \u0631\u0627 \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f. \u0628\u0627\u06cc\u062f \u0634\u0646\u0627\u0633\u0647 \u0633\u0637\u0644 \u0648 IP \u0645\u062e\u0631\u0628 \u0631\u0627 \u0627\u0631\u0627\u0626\u0647 \u06a9\u0646\u06cc\u0645. \u0645\u06cc \u0628\u06cc\u0646\u06cc\u062f \u06a9\u0647 \u0627\u06cc\u0646\u0647\u0627 \u0627\u0632 \u0645\u0627\u0698\u0648\u0644 S3 \u0648 \u0645\u0627\u0698\u0648\u0644 \u0645\u062d\u0627\u0633\u0628\u0627\u062a\u06cc \u0645\u06cc \u0622\u06cc\u0646\u062f.<\/h5>\n
\n# Enable GuardDuty\r\nmodule \"guardduty\" {\r\nsource = \".\/modules\/guardduty\"\r\nbucket = module.s3_bucket.bucket_id\r\nmalicious_ip = module.compute.malicious_ip\r\n}\r\n<\/code><\/pre>\n<\/div>\n\u062f\u0631 \u0627\u06cc\u0646 \u0628\u062e\u0634\u060c GuardDuty \u0631\u0627 \u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u06cc\u062f\u060c \u0644\u06cc\u0633\u062a \u062a\u0647\u062f\u06cc\u062f \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u06cc\u062f \u0648 \u0622\u062f\u0631\u0633 IP Elastic \u0646\u0645\u0648\u0646\u0647 \u0645\u062e\u0631\u0628 EC2 \u0631\u0627 \u0628\u0647 \u0622\u0646 \u0644\u06cc\u0633\u062a \u0627\u0636\u0627\u0641\u0647 \u06a9\u0631\u062f\u06cc\u062f. \u062f\u0631 \u0645\u0631\u062d\u0644\u0647 \u0628\u0639\u062f\u060c \u0645\u0627 \u06cc\u06a9 \u0642\u0627\u0646\u0648\u0646 SNS \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u06cc\u0645.<\/p>\n
\u0645\u0631\u062d\u0644\u0647 5: \u0645\u0627\u0698\u0648\u0644 SNS Terraform \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f<\/h2>\n
\u062f\u0631 \u0627\u06cc\u0646 \u0628\u062e\u0634 \u0627\u0632 Terraform \u0628\u0631\u0627\u06cc \u0627\u06cc\u062c\u0627\u062f \u06cc\u06a9 \u0642\u0627\u0646\u0648\u0646 SNS \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645. SNS \u0633\u0631\u0648\u06cc\u0633 \u0627\u0639\u0644\u0627\u0646 \u0633\u0627\u062f\u0647 \u0627\u0633\u062a \u0648 \u0628\u0647 \u0634\u0645\u0627 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc \u062f\u0647\u062f \u062f\u0631 \u0635\u0648\u0631\u062a \u0631\u0639\u0627\u06cc\u062a \u0645\u0639\u06cc\u0627\u0631\u0647\u0627\u06cc \u062e\u0627\u0635\u060c \u0627\u0639\u0644\u0627\u0646 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u06cc\u062f. \u062e\u0648\u062f SNS \u0628\u0627 \u0627\u0642\u062f\u0627\u0645\u06cc \u0628\u0631\u0627\u06cc \u0627\u0631\u0633\u0627\u0644 \u067e\u06cc\u0627\u0645 \u0645\u0637\u0627\u0628\u0642\u062a \u0646\u062f\u0627\u0631\u062f. \u0645\u0627 \u0627\u0632 EventBridge \u0628\u0631\u0627\u06cc \u0622\u0646 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u062e\u0648\u0627\u0647\u06cc\u0645 \u06a9\u0631\u062f. \u0628\u0627 \u0627\u06cc\u0646 \u062d\u0627\u0644\u060c \u0627\u0632 \u0622\u0646\u062c\u0627\u06cc\u06cc \u06a9\u0647 EventBridge \u0628\u0631\u0627\u06cc \u0627\u0631\u0633\u0627\u0644 \u0627\u0639\u0644\u0627\u0646\u200c\u0647\u0627 \u0628\u0647 \u06cc\u06a9 \u0642\u0627\u0646\u0648\u0646 \u0646\u06cc\u0627\u0632 \u062f\u0627\u0631\u062f\u060c \u0627\u0628\u062a\u062f\u0627 \u0628\u0627\u06cc\u062f \u0642\u0627\u0646\u0648\u0646 SNS \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u0645.<\/p>\n
5.1. \u062f\u0631 \u0627\u0628\u062a\u062f\u0627 \u062f\u0631 \u0641\u0627\u06cc\u0644 modules\/sns\/variables.tf\u060c \u0628\u0627\u06cc\u062f \u062f\u0648 \u0645\u062a\u063a\u06cc\u0631 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f:<\/h5>\n
- \n
- sns_name \u0628\u0631\u0627\u06cc \u0646\u0627\u0645\u06af\u0630\u0627\u0631\u06cc \u0645\u0648\u0636\u0648\u0639 SNS \u06a9\u0647 \u0627\u06cc\u062c\u0627\u062f \u062e\u0648\u0627\u0647\u06cc\u0645 \u06a9\u0631\u062f.<\/li>\n
- \u0627\u06cc\u0645\u06cc\u0644 \u0628\u0631\u0627\u06cc \u0646\u06af\u0647 \u062f\u0627\u0634\u062a\u0646 \u0622\u062f\u0631\u0633 \u0627\u06cc\u0645\u06cc\u0644\u06cc \u06a9\u0647 \u0628\u0631\u0627\u06cc \u0627\u0634\u062a\u0631\u0627\u06a9 \u062f\u0631 \u0627\u0639\u0644\u0627\u0646 \u0647\u0627\u06cc \u062e\u0648\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645.<\/li>\n<\/ol>\n
\u062f\u0631 \u0632\u06cc\u0631 \u0646\u0645\u0648\u0646\u0647 \u0627\u06cc \u0627\u0632 \u0645\u062a\u063a\u06cc\u0631\u0647\u0627\u06cc \u0645\u0627 \u0628\u0631\u0627\u06cc SNS \u0622\u0648\u0631\u062f\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a.<\/p>\n
\nvariable \"sns_name\" {\r\ndescription = \"Name of the SNS Topic to be created\"\r\ndefault = \"GuardDuty-Example\"\r\n}\r\nvariable \"email\" {\r\ndescription = \"Email address for SNS\"\r\n}\r\n<\/code><\/pre>\n<\/div>\n5.2. \u0633\u067e\u0633 \u0645\u0648\u0636\u0648\u0639 SNS \u0648 \u0627\u0634\u062a\u0631\u0627\u06a9 \u0631\u0627 \u062f\u0631 \u0641\u0627\u06cc\u0644 modules\/sns\/main.tf \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u06cc\u0645.<\/h5>\n
\u0628\u0627 \u0627\u06cc\u062c\u0627\u062f \u06cc\u06a9 \u0645\u0646\u0628\u0639 \u0645\u0648\u0636\u0648\u0639 \u0634\u0631\u0648\u0639 \u06a9\u0646\u06cc\u062f.<\/p>\n
\n# Create the SNS topic\r\nresource \"aws_sns_topic\" \"gd_sns_topic\" {\r\nname = var.sns_name\r\n}\r\n<\/code><\/pre>\n<\/div>\n\u062f\u0631 \u06a9\u062f \u0628\u0627\u0644\u0627 \u0634\u0645\u0627 \u062f\u0631 \u062d\u0627\u0644 \u0627\u06cc\u062c\u0627\u062f \u0645\u0646\u0628\u0639\u06cc \u0647\u0633\u062a\u06cc\u062f \u06a9\u0647 \u062a\u0648\u0633\u0637 Terraform gd_sns_topic \u0646\u0627\u0645\u06cc\u062f\u0647 \u0645\u06cc \u0634\u0648\u062f. \u062f\u0631 \u06a9\u0646\u0633\u0648\u0644 AWS\u060c “GuardDuty-Example” \u0646\u0627\u0645\u06cc\u062f\u0647 \u0645\u06cc \u0634\u0648\u062f. \u0627\u06cc\u0646 \u0628\u0647 \u0627\u06cc\u0646 \u062f\u0644\u06cc\u0644 \u0627\u0633\u062a \u06a9\u0647 \u0645\u0627 \u0645\u062a\u063a\u06cc\u0631 var.sns_name \u0631\u0627 \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u0645\u06cc \u06a9\u0646\u06cc\u0645 \u0648 \u06cc\u06a9 \u062a\u0646\u0638\u06cc\u0645 \u067e\u06cc\u0634 \u0641\u0631\u0636 \u0631\u0648\u06cc “GuardDuty-Example” \u062f\u0627\u0631\u062f.<\/p>\n
5.3. \u0633\u067e\u0633 \u06cc\u06a9 \u0645\u0646\u0628\u0639 \u0633\u06cc\u0627\u0633\u062a SNS \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f. arn \u0648 Policy \u0645\u0642\u0627\u062f\u06cc\u0631 \u0645\u0648\u0631\u062f \u0646\u06cc\u0627\u0632 \u0647\u0633\u062a\u0646\u062f. \u062e\u0637 \u0645\u0634\u06cc \u0627\u06cc\u062c\u0627\u062f \u0634\u062f\u0647 \u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u06cc\u06a9 \u0633\u0646\u062f \u062e\u0637 \u0645\u0634\u06cc AWS IAM \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0633\u0646\u062f \u062e\u0637 \u0645\u0634\u06cc \u0628\u0647 \u0633\u0631\u0648\u06cc\u0633 principal events.amazonaws.com \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u062f\u0631 \u0645\u0648\u0636\u0648\u0639 \u0645\u0648\u0631\u062f \u0646\u0638\u0631 \u0645\u0646\u062a\u0634\u0631 \u06a9\u0646\u062f.<\/h5>\n
\nresource \"aws_sns_topic_policy\" \"gd_sns_topic_policy\" {\r\narn = aws_sns_topic.gd_sns_topic.arn\r\npolicy = jsonencode(\r\n{\r\nId = \"ID-GD-Topic-Policy\"\r\nStatement = [\r\n{\r\nAction = \"sns:Publish\"\r\nEffect = \"Allow\"\r\nPrincipal = {\r\nService = \"events.amazonaws.com\"\r\n}\r\nResource = aws_sns_topic.gd_sns_topic.arn\r\nSid = \"SID-GD-Example\"\r\n},\r\n]\r\nVersion = \"2012-10-17\"\r\n}\r\n)\r\n}\r\n<\/code><\/pre>\n<\/div>\n5.4. \u062f\u0631 \u0645\u0631\u062d\u0644\u0647 \u0628\u0639\u062f \u0627\u0634\u062a\u0631\u0627\u06a9 \u0645\u0648\u0636\u0648\u0639 \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u06cc\u062f. \u0627\u0634\u062a\u0631\u0627\u06a9 \u0645\u0648\u0636\u0648\u0639 ARN \u0631\u0627 \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u0645\u06cc \u06a9\u0646\u062f\u060c \u067e\u0631\u0648\u062a\u06a9\u0644 \u0645\u0648\u0631\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 – \u062f\u0631 \u0627\u06cc\u0646 \u0645\u0648\u0631\u062f \u0627\u06cc\u0645\u06cc\u0644 – \u0648 \u0622\u062f\u0631\u0633 \u0627\u06cc\u0645\u06cc\u0644\u06cc \u06a9\u0647 \u0627\u0639\u0644\u0627\u0646 \u0628\u0647 \u0622\u0646 \u0627\u0631\u0633\u0627\u0644 \u0645\u06cc \u0634\u0648\u062f \u0631\u0627 \u062a\u0646\u0638\u06cc\u0645 \u0645\u06cc \u06a9\u0646\u062f. \u0622\u062f\u0631\u0633 \u0627\u06cc\u0645\u06cc\u0644 \u062f\u0631 \u0627\u06cc\u0646 \u0645\u0648\u0631\u062f \u0633\u062e\u062a \u06a9\u062f\u06af\u0630\u0627\u0631\u06cc \u0645\u06cc \u0634\u0648\u062f\u060c \u0627\u0645\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0622\u0646 \u0631\u0627 \u0637\u0648\u0631\u06cc \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u0647\u0646\u06af\u0627\u0645 \u0627\u0639\u0645\u0627\u0644 Terraform\u060c \u0622\u062f\u0631\u0633 \u0627\u06cc\u0645\u06cc\u0644 \u0631\u0627 \u062f\u0631\u062e\u0648\u0627\u0633\u062a \u06a9\u0646\u062f. \u0647\u0645\u0686\u0646\u06cc\u0646\u060c \u062a\u0646\u0638\u06cc\u0645 endpoint_auto_confirm \u0631\u0648\u06cc false \u0628\u0647 \u0627\u06cc\u0646 \u0645\u0639\u0646\u06cc \u0627\u0633\u062a \u06a9\u0647 \u0635\u0627\u062d\u0628 \u0627\u06cc\u0645\u06cc\u0644 \u0627\u06cc\u0645\u06cc\u0644\u06cc \u0628\u0627 \u067e\u06cc\u0648\u0646\u062f\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 \u0628\u0627\u06cc\u062f \u0628\u0631\u0627\u06cc \u0627\u0634\u062a\u0631\u0627\u06a9 \u062f\u0631 \u0627\u0639\u0644\u0627\u0646\u200c\u0647\u0627 \u0631\u0648\u06cc \u0622\u0646 \u06a9\u0644\u06cc\u06a9 \u06a9\u0646\u062f.<\/h5>\n
\n# Create the topic subscription \r\nresource \"aws_sns_topic_subscription\" \"user_updates_sqs_target\" {\r\ntopic_arn = aws_sns_topic.gd_sns_topic.arn\r\nprotocol = \"email\"\r\nendpoint = var.email\r\nendpoint_auto_confirms = false\r\n}\r\n<\/code><\/pre>\n<\/div>\n5.5. \u0628\u0639\u062f\u060c \u062f\u0631 \u0641\u0627\u06cc\u0644 modules\/sns\/outputs.tf\u060c \u0645\u06cc\u200c\u062e\u0648\u0627\u0647\u06cc\u0645 ARN \u0645\u0648\u0636\u0648\u0639 \u0631\u0627 \u062e\u0631\u0648\u062c\u06cc \u0628\u06af\u06cc\u0631\u06cc\u0645 \u062a\u0627 \u0628\u062a\u0648\u0627\u0646\u06cc\u0645 \u0627\u0634\u0627\u0631\u0647 \u06a9\u0646\u06cc\u0645 \u06a9\u0647 \u062f\u0631 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc EventBridge \u0628\u0639\u062f\u0627\u064b \u0627\u0646\u062c\u0627\u0645 \u062e\u0648\u0627\u0647\u06cc\u0645 \u062f\u0627\u062f.<\/h5>\n
\noutput \"sns_topic_arn\" {\r\nvalue = aws_sns_topic.gd_sns_topic.arn\r\ndescription = \"Output of ARN to call in the eventbridge rule.\"\r\n}\r\n<\/code><\/pre>\n<\/div>\n5.6. \u062f\u0631 \u0646\u0647\u0627\u06cc\u062a \u0628\u0647 \u0641\u0627\u06cc\u0644 root\/main.tf \u0628\u0631\u06af\u0631\u062f\u06cc\u062f \u0648 \u0645\u0648\u0636\u0648\u0639 SNS \u0631\u0627 \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f. \u0627\u06cc\u0646 \u062c\u0627\u06cc\u06cc \u0627\u0633\u062a \u06a9\u0647 \u0634\u0645\u0627 \u0622\u062f\u0631\u0633 \u0627\u06cc\u0645\u06cc\u0644\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0627\u0634\u062a\u0631\u0627\u06a9 \u062a\u0639\u06cc\u06cc\u0646 \u0645\u06cc \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n# Creates an SNS Topic\r\nmodule \"guardduty_sns_topic\" {\r\nsource = \".\/modules\/sns\"\r\nemail = \"youremailaddress@domain.com\"\r\n}\r\n<\/code><\/pre>\n<\/div>\n\u062f\u0631 \u0627\u06cc\u0646 \u0628\u062e\u0634 \u0634\u0645\u0627 \u0645\u0648\u0636\u0648\u0639\u0627\u062a SNS \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u06cc\u062f \u062a\u0627 \u062f\u0631 \u0635\u0648\u0631\u062a \u062a\u0648\u0644\u06cc\u062f \u06cc\u06a9 \u06cc\u0627\u0641\u062a\u0647 \u062e\u0627\u0635\u060c \u0627\u06cc\u0645\u06cc\u0644\u06cc \u0628\u0631\u0627\u06cc \u0634\u0645\u0627 \u0627\u0631\u0633\u0627\u0644 \u0634\u0648\u062f.<\/p>\n
\u0645\u0631\u062d\u0644\u0647 6: \u0645\u0627\u0698\u0648\u0644 EventBridge Terraform \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f<\/h2>\n
\u062f\u0631 \u0627\u06cc\u0646 \u0628\u062e\u0634 \u0627\u0632 Terraform \u0628\u0631\u0627\u06cc \u0627\u06cc\u062c\u0627\u062f \u06cc\u06a9 \u0642\u0627\u0646\u0648\u0646 EventBridge \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u062e\u0648\u0627\u0647\u06cc\u062f \u06a9\u0631\u062f. \u0642\u0627\u0646\u0648\u0646 EventBridge \u062f\u0648 \u0639\u0646\u0635\u0631 \u0627\u06cc\u0646 \u0631\u0627\u0647 \u062d\u0644 \u0631\u0627 \u0628\u0647 \u0647\u0645 \u06af\u0631\u0647 \u0645\u06cc \u0632\u0646\u062f.<\/p>\n
EventBridge \u0686\u06af\u0648\u0646\u0647 \u06a9\u0627\u0631 \u0645\u06cc \u06a9\u0646\u062f\u061f \u0627\u0633\u0627\u0633\u0627\u060c EventBridge \u06cc\u06a9 \u0631\u0648\u06cc\u062f\u0627\u062f – \u0646\u0634\u0627\u0646\u06af\u0631 \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0631 \u0645\u062d\u06cc\u0637 – \u0631\u0627 \u062f\u0631\u06cc\u0627\u0641\u062a \u0645\u06cc \u06a9\u0646\u062f \u0648 \u06cc\u06a9 \u0642\u0627\u0646\u0648\u0646 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0645\u0633\u06cc\u0631\u06cc\u0627\u0628\u06cc \u0631\u0648\u06cc\u062f\u0627\u062f \u0628\u0647 \u06cc\u06a9 \u0647\u062f\u0641 \u0627\u0639\u0645\u0627\u0644 \u0645\u06cc \u06a9\u0646\u062f. \u0642\u0648\u0627\u0646\u06cc\u0646 \u0628\u0631 \u0627\u0633\u0627\u0633 \u0633\u0627\u062e\u062a\u0627\u0631 \u0631\u0648\u06cc\u062f\u0627\u062f\u060c \u06a9\u0647 \u0627\u0644\u06af\u0648\u06cc \u0631\u0648\u06cc\u062f\u0627\u062f \u0646\u0627\u0645\u06cc\u062f\u0647 \u0645\u06cc \u0634\u0648\u062f\u060c \u06cc\u0627 \u0628\u0631 \u0627\u0633\u0627\u0633 \u06cc\u06a9 \u0628\u0631\u0646\u0627\u0645\u0647\u060c \u0631\u0648\u06cc\u062f\u0627\u062f\u0647\u0627 \u0631\u0627 \u0628\u0627 \u0627\u0647\u062f\u0627\u0641 \u0645\u0637\u0627\u0628\u0642\u062a \u0645\u06cc \u062f\u0647\u0646\u062f. \u062f\u0631 \u0627\u06cc\u0646 \u0645\u0648\u0631\u062f\u060c GuardDuty \u06cc\u06a9 \u0631\u0648\u06cc\u062f\u0627\u062f \u0628\u0631\u0627\u06cc Amazon EventBridge \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0647\u0631 \u062a\u063a\u06cc\u06cc\u0631\u06cc \u062f\u0631 \u06cc\u0627\u0641\u062a\u0647 \u0647\u0627 \u0631\u062e \u062f\u0647\u062f. \u0631\u0648\u06cc\u062f\u0627\u062f \u0645\u0637\u0627\u0628\u0642\u062a \u062f\u0627\u0631\u062f \u0648 \u0622\u0645\u0627\u0632\u0648\u0646 EventBridge \u0628\u0647 \u06cc\u06a9 \u0647\u062f\u0641 \u062d\u06a9\u0645 \u0645\u06cc\u200c\u06a9\u0646\u062f. \u062f\u0631 \u0627\u06cc\u0646 \u0645\u0648\u0631\u062f\u060c \u0647\u062f\u0641 \u0642\u0627\u0646\u0648\u0646 anSNS \u0627\u0633\u062a. \u0642\u0627\u0646\u0648\u0646 SNS \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u06cc\u0627\u0641\u062a \u0634\u062f\u0647 \u0631\u0627 \u0645\u06cc \u06af\u06cc\u0631\u062f \u0648 \u06cc\u06a9 \u0627\u0639\u0644\u0627\u0646 \u0627\u06cc\u0645\u06cc\u0644 \u0628\u0631\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631 \u0645\u0634\u062a\u0631\u06a9 \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n
6.1. \u0642\u0627\u0646\u0648\u0646 EventBridge \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a\u06cc \u062f\u0631 \u0645\u0648\u0631\u062f GuardDuty \u0648 SNS \u0646\u06cc\u0627\u0632 \u062f\u0627\u0631\u062f. \u0628\u0627 \u0627\u06cc\u062c\u0627\u062f \u0645\u062a\u063a\u06cc\u0631\u06cc \u0634\u0631\u0648\u0639 \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0631\u0627\u06cc \u0645\u0648\u0636\u0648\u0639 SNS ARN \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0634\u0648\u062f. \u0627\u06cc\u0646 \u06a9\u0627\u0631 \u0631\u0627 \u062f\u0631 \u0641\u0627\u06cc\u0644 modules\/eventbridge\/variables.tf \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u06cc\u062f.<\/h5>\n
\nvariable \"sns_topic_arn\" {\r\n}\r\n<\/code><\/pre>\n<\/div>\n6.2. \u0628\u0639\u062f\u060c \u06cc\u06a9 \u0645\u0646\u0628\u0639 \u0642\u0627\u0646\u0648\u0646 \u0631\u0648\u06cc\u062f\u0627\u062f \u062f\u0631 \u0641\u0627\u06cc\u0644 modules\/eventbridge\/main.tf \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f. \u0634\u0645\u0627 \u0628\u0627\u06cc\u062f \u0645\u0646\u0628\u0639 \u0648 \u0646\u0648\u0639 \u0631\u0648\u06cc\u062f\u0627\u062f \u0645\u0648\u0631\u062f \u0646\u0638\u0631 \u0645\u0627 \u0631\u0627 \u062a\u0639\u0631\u06cc\u0641 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n# EVENT RULE RESOURCE\r\nresource \"aws_cloudwatch_event_rule\" \"GuardDuty-Event-EC2-MaliciousIPCaller\" {\r\nname = \"GuardDuty-Event-EC2-MaliciousIPCaller\"\r\ndescription = \"GuardDuty Event: UnauthorizedAccess:EC2\/MaliciousIPCaller.Custom\"\r\nevent_pattern = <<EOF\r\n{\r\n\"source\": [\"aws.guardduty\"],\r\n\"detail\": {\r\n\"type\": [\"UnauthorizedAccess:EC2\/MaliciousIPCaller.Custom\"]\r\n}\r\n}\r\nEOF\r\n}\r\n<\/code><\/pre>\n<\/div>\n6.3. \u0633\u067e\u0633 \u0645\u0646\u0628\u0639 \u0647\u062f\u0641 \u0631\u0648\u06cc\u062f\u0627\u062f \u0631\u0627 \u062a\u0639\u0631\u06cc\u0641 \u06a9\u0646\u06cc\u062f. \u0647\u0646\u06af\u0627\u0645 \u0627\u06cc\u062c\u0627\u062f \u0627\u06cc\u0646 \u0645\u0646\u0628\u0639\u060c \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0628\u0627 \u062a\u0639\u0631\u06cc\u0641 \u06cc\u06a9 \u062a\u0631\u0627\u0646\u0633\u0641\u0648\u0631\u0645\u0627\u062a\u0648\u0631 \u0648\u0631\u0648\u062f\u06cc\u060c \u06a9\u0645\u06cc \u062e\u0648\u0627\u0646\u0627\u06cc\u06cc \u0627\u0636\u0627\u0641\u06cc \u0628\u0647 \u0627\u0639\u0644\u0627\u0646 \u0627\u06cc\u0645\u06cc\u0644 \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f. \u0627\u06cc\u0646 \u0627\u0645\u0631 \u0622\u0646\u0686\u0647 EventBridge \u0628\u0647 \u0647\u062f\u0641 \u0631\u0648\u06cc\u062f\u0627\u062f \u0627\u0631\u0633\u0627\u0644 \u0645\u06cc \u06a9\u0646\u062f \u0633\u0641\u0627\u0631\u0634\u06cc \u0645\u06cc \u06a9\u0646\u062f. \u062f\u0631 \u0632\u06cc\u0631 \u0645\u0627 \u0634\u0646\u0627\u0633\u0647 GuardDuty\u060c \u0645\u0646\u0637\u0642\u0647 \u0648 \u0634\u0646\u0627\u0633\u0647 \u0646\u0645\u0648\u0646\u0647 EC2 \u0631\u0627 \u062f\u0631\u06cc\u0627\u0641\u062a \u0645\u06cc \u06a9\u0646\u06cc\u0645 – \u0648 \u062f\u0631 \u062d\u0627\u0644 \u0627\u06cc\u062c\u0627\u062f \u06cc\u06a9 \u0627\u0644\u06af\u0648\u06cc \u0648\u0631\u0648\u062f\u06cc \u0647\u0633\u062a\u06cc\u0645 \u06a9\u0647 \u06a9\u0645\u06cc \u062f\u0631 \u0645\u0648\u0631\u062f \u067e\u06cc\u0627\u0645 \u062a\u0648\u0636\u06cc\u062d \u0645\u06cc \u062f\u0647\u062f. \u062f\u0631 \u0632\u06cc\u0631 \u0645\u06cc \u0628\u06cc\u0646\u06cc\u062f \u06a9\u0647 \u0645\u0627 \u06cc\u06a9 \u0627\u0644\u06af\u0648\u06cc \u0648\u0631\u0648\u062f\u06cc \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u0647 \u0627\u06cc\u0645 \u06a9\u0647 \u0627\u0632 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062c\u0632\u0626\u06cc\u0627\u062a \u0645\u0648\u062c\u0648\u062f \u062f\u0631 \u06cc\u0627\u0641\u062a\u0647 GuardDuty \u062f\u0631 \u067e\u06cc\u0627\u0645 \u0627\u06cc\u0645\u06cc\u0644 \u0627\u0631\u0633\u0627\u0644 \u0634\u062f\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u062f.<\/h5>\n
\n# EVENT TARGET RESOURCE FOR SNS NOTIFICATIONS\r\nresource \"aws_cloudwatch_event_target\" \"sns\" {\r\nrule = aws_cloudwatch_event_rule.GuardDuty-Event-EC2-MaliciousIPCaller.name\r\ntarget_id = \"GuardDuty-Example\"\r\narn = var.sns_topic_arn\r\ninput_transformer {\r\ninput_paths = {\r\ngdid = \"$.detail.id\",\r\nregion = \"$.detail.region\",\r\ninstanceid = \"$.detail.resource.instanceDetails.instanceId\"\r\n}\r\ninput_template = \"\\\"First GuardDuty Finding for the GuardDuty-IAC tutorial. | ID:<gdid> | The EC2 instance: <instanceid>, may be compromised and should be investigated. Go to https:\/\/console.aws.amazon.com\/guardduty\/home?region=<region>#\/findings?macros=current&fId=<gdid>\\\"\"\r\n}\r\n}<\/code><\/pre>\n<\/div>\n6.4. \u062f\u0631 \u0627\u0648\u0644\u06cc\u0646 \u0642\u0627\u0646\u0648\u0646 Event \u06a9\u0647 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u06cc\u0645\u060c \u0628\u0647 \u062f\u0646\u0628\u0627\u0644 \u0631\u0648\u06cc\u062f\u0627\u062f GuardDuty-Event-EC2-MaliciousIPCaller \u0647\u0633\u062a\u06cc\u0645. \u06cc\u06a9 \u0642\u0627\u0646\u0648\u0646 \u0631\u0648\u06cc\u062f\u0627\u062f \u062f\u0648\u0645 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0628\u0647 \u062f\u0646\u0628\u0627\u0644 \u06cc\u0627\u0641\u062a\u0646 GuardDuty-Event-IAMUser-MaliciousIPCaller \u0628\u06af\u0631\u062f\u06cc\u062f \u0648 \u0628\u0631\u0627\u06cc \u0622\u0646 \u0646\u06cc\u0632 \u06cc\u06a9 \u0627\u0639\u0644\u0627\u0646 \u0627\u06cc\u0645\u06cc\u0644 \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n# EVENT RULE RESOURCE\r\nresource \"aws_cloudwatch_event_rule\" \"GuardDuty-Event-IAMUser-MaliciousIPCaller\" {\r\nname = \"GuardDuty-Event-IAMUser-MaliciousIPCaller\"\r\ndescription = \"GuardDuty Event: UnauthorizedAccess:IAMUser\/MaliciousIPCaller.Custom\"\r\nevent_pattern = <<EOF\r\n{\r\n\"source\": [\"aws.guardduty\"],\r\n\"detail\": {\r\n\"type\": [\"UnauthorizedAccess:IAMUser\/MaliciousIPCaller.Custom\", \"Discovery:S3\/MaliciousIPCaller.Custom\"]\r\n}\r\n}\r\nEOF\r\n}\r\n#EVENT TARGET RESOURCE FOR SNS NOTIFICATIONS\r\nresource \"aws_cloudwatch_event_target\" \"iam-sns\" {\r\nrule = aws_cloudwatch_event_rule.GuardDuty-Event-IAMUser-MaliciousIPCaller.name\r\ntarget_id = \"GuardDuty-Example\"\r\narn = var.sns_topic_arn\r\ninput_transformer {\r\ninput_paths = {\r\ngdid = \"$.detail.id\",\r\nregion = \"$.detail.region\",\r\nuserName = \"$.detail.resource.accessKeyDetails.userName\"\r\n} \r\ninput_template = \"\\\"Second GuardDuty Finding for the GuardDuty-IAC tutorial. | ID:<gdid> | AWS Region:<region>. An AWS API operation was invoked (userName: <userName>) from an IP address that is included on your threat list and should be investigated.Go to https:\/\/console.aws.amazon.com\/guardduty\/home?region=<region>#\/findings?macros=current&fId=<gdid>\\\"\"\r\n}\r\n}<\/code><\/pre>\n<\/div>\n6.5. \u0647\u0646\u06af\u0627\u0645\u06cc \u06a9\u0647 \u0645\u0646\u0627\u0628\u0639 \u0627\u06cc\u062c\u0627\u062f \u0634\u062f\u0647 \u062f\u0631 \u0645\u0627\u0698\u0648\u0644 \u0631\u0627 \u062f\u0627\u0631\u06cc\u062f\u060c \u0628\u0647 \u0641\u0627\u06cc\u0644 root\/main.tf \u0628\u0631\u06af\u0631\u062f\u06cc\u062f \u0648 \u0642\u0627\u0646\u0648\u0646 EventBridge \u0631\u0627 \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n# Create the EventBridge rule\r\nmodule \"guardduty_eventbridge_rule\" {\r\nsource = \".\/modules\/eventbridge\"\r\nsns_topic_arn = module.guardduty_sns_topic.sns_topic_arn\r\n}<\/code><\/pre>\n<\/div>\n\u062f\u0631 \u0627\u06cc\u0646 \u0628\u062e\u0634 \u06cc\u06a9 \u0642\u0627\u0646\u0648\u0646 EventBridge \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u06cc\u062f \u06a9\u0647 \u0627\u0632 \u0645\u0648\u0636\u0648\u0639 SNS \u06a9\u0647 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u0647\u200c\u0627\u06cc\u062f \u0628\u0631\u0627\u06cc \u0627\u0631\u0633\u0627\u0644 \u0627\u06cc\u0645\u06cc\u0644 \u062f\u0631 \u0635\u0648\u0631\u062a \u062a\u0637\u0628\u06cc\u0642 \u06cc\u0627\u0641\u062a\u0647\u200c\u0647\u0627\u06cc GuardDuty \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f. \u062f\u0631 \u0628\u062e\u0634 \u0628\u0639\u062f\u06cc \u0627\u06cc\u0646 \u0639\u0645\u0644\u06a9\u0631\u062f \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 Lambda \u0627\u0641\u0632\u0627\u06cc\u0634 \u062e\u0648\u0627\u0647\u06cc\u062f \u062f\u0627\u062f.<\/p>\n
\u0645\u0631\u062d\u0644\u0647 7: \u0645\u0627\u0698\u0648\u0644 Lambda Terraform \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f<\/h2>\n
\u062f\u0631 \u0627\u06cc\u0646 \u0628\u062e\u0634 \u0645\u0627 \u0627\u0632 Terraform \u0628\u0631\u0627\u06cc \u0627\u06cc\u062c\u0627\u062f \u06cc\u06a9 \u062a\u0627\u0628\u0639 Lambda \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645 \u06a9\u0647 \u06cc\u06a9 \u062a\u0627\u0628\u0639 \u0627\u0635\u0644\u0627\u062d \u0631\u0627 \u0628\u0631\u0627\u06cc \u0645\u062d\u06cc\u0637 \u0645\u0627 \u0627\u0646\u062c\u0627\u0645 \u0645\u06cc \u062f\u0647\u062f. \u06a9\u0627\u0631\u06cc \u06a9\u0647 \u0645\u0627 \u0645\u06cc \u062e\u0648\u0627\u0647\u06cc\u0645 \u0628\u0627 \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634 \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u06cc\u0645 \u0627\u06cc\u0646 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc\u0632\u0628\u0627\u0646 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0645\u0627 \u0628\u0647 \u06cc\u06a9 \u06af\u0631\u0648\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u062c\u062f\u06cc\u062f \u0645\u0646\u062a\u0642\u0644 \u0634\u0648\u062f. \u0645\u0634\u0627\u0628\u0647 \u0631\u0648\u0634\u06cc \u06a9\u0647 EventBridge \u0627\u0632 SNS \u0628\u0631\u0627\u06cc \u062a\u0648\u0644\u06cc\u062f \u0627\u06cc\u0645\u06cc\u0644 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0631\u062f\u060c EventBridge \u062a\u0627\u0628\u0639 Lambda \u0631\u0627 \u062f\u0631 \u0628\u0631 \u062e\u0648\u0627\u0647\u062f \u06af\u0631\u0641\u062a.<\/p>\n
\u0646\u06a9\u062a\u0647 \u0627\u06cc \u06a9\u0647 \u0628\u0627\u06cc\u062f \u062f\u0631 \u0646\u0638\u0631 \u062f\u0627\u0634\u062a \u0627\u06cc\u0646 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0633\u06cc\u0627\u0631\u06cc \u0627\u0632 \u0631\u0648\u06cc\u06a9\u0631\u062f\u0647\u0627\u06cc \u0645\u0645\u06a9\u0646 \u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f. \u0628\u0631\u0627\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631\u060c \u0644\u0637\u0641\u0627\u064b \u0628\u0647 \u0645\u0633\u062a\u0646\u062f\u0627\u062a \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0627\u06cc\u062c\u0627\u062f \u067e\u0627\u0633\u062e\u200c\u0647\u0627\u06cc \u0633\u0641\u0627\u0631\u0634\u06cc \u0628\u0647 \u06cc\u0627\u0641\u062a\u0647\u200c\u0647\u0627\u06cc GuardDuty \u0628\u0627 \u0631\u0648\u06cc\u062f\u0627\u062f\u0647\u0627\u06cc Amazon CloudWatch \u0648 \u0645\u0633\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062e\u0648\u062f\u06a9\u0627\u0631 \u062a\u0631\u0627\u0641\u06cc\u06a9 \u0645\u0634\u06a9\u0648\u06a9 \u0628\u0627 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0634\u0628\u06a9\u0647 AWS \u0648 Amazon GuardDuty \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f.<\/p>\n
\u0642\u0628\u0644 \u0627\u0632 \u0634\u0631\u0648\u0639\u060c \u0628\u06cc\u0627\u06cc\u06cc\u062f \u0628\u0628\u06cc\u0646\u06cc\u0645 \u0686\u0647 \u0627\u062a\u0641\u0627\u0642\u06cc \u0628\u0627\u06cc\u062f \u0628\u06cc\u0641\u062a\u062f \u062a\u0627 \u0627\u06cc\u0646 \u06a9\u0627\u0631 \u0627\u0646\u062c\u0627\u0645 \u0634\u0648\u062f.<\/p>\n
\u062f\u0631 \u062d\u0627\u0644 \u062d\u0627\u0636\u0631\u060c \u06cc\u0627\u0641\u062a\u0647\u200c\u0647\u0627\u06cc GuardDuty \u0645\u0627 \u062f\u0631 \u06cc\u06a9 \u0642\u0627\u0646\u0648\u0646 EventBridge \u0628\u0627 \u06cc\u06a9 \u0647\u062f\u0641 \u062a\u0637\u0628\u06cc\u0642 \u062f\u0627\u062f\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a – \u062f\u0631 \u062d\u0627\u0644 \u062d\u0627\u0636\u0631 \u06cc\u06a9 \u0642\u0627\u0646\u0648\u0646 SNS \u06a9\u0647 \u06cc\u06a9 \u0627\u06cc\u0645\u06cc\u0644 \u0627\u0631\u0633\u0627\u0644 \u0645\u06cc\u200c\u06a9\u0646\u062f. \u0628\u0631\u0627\u06cc \u0627\u0631\u062a\u0642\u0627\u06cc \u0627\u06cc\u0646 \u0642\u0627\u0628\u0644\u06cc\u062a\u060c EventBridge \u0627\u0632 AWS Lambda \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0647\u062f\u0641 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u062f.<\/p>\n
\u0627\u0632 \u0622\u0646\u062c\u0627\u06cc\u06cc \u06a9\u0647 \u0645\u0627 \u0642\u0635\u062f \u062f\u0627\u0631\u06cc\u0645 \u0627\u0632 \u0637\u0631\u0641 \u062e\u0648\u062f AWS Lambda \u0628\u0647 \u0645\u0646\u0627\u0628\u0639 \u062f\u06cc\u06af\u0631\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u0645\u060c \u0628\u0627\u06cc\u062f \u06cc\u06a9 \u0646\u0642\u0634 IAM \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u0645 \u062a\u0627 \u0645\u062c\u0648\u0632\u0647\u0627 \u0631\u0627 \u0628\u0647 \u0633\u0631\u0648\u06cc\u0633 \u0648\u0627\u06af\u0630\u0627\u0631 \u06a9\u0646\u06cc\u0645. \u0627\u06cc\u0646 \u0646\u0642\u0634 \u06cc\u06a9 \u0633\u0631\u0648\u06cc\u0633 \u0646\u0627\u0645\u06cc\u062f\u0647 \u0645\u06cc \u0634\u0648\u062f \u0648 AWS Lambda \u0632\u0645\u0627\u0646\u06cc \u06a9\u0647 \u06af\u0631\u0648\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0646\u0645\u0648\u0646\u0647 EC2 \u0645\u0627 \u0631\u0627 \u062a\u063a\u06cc\u06cc\u0631 \u0645\u06cc \u062f\u0647\u062f\u060c \u0627\u06cc\u0646 \u0646\u0642\u0634 \u0631\u0627 \u0628\u0631 \u0639\u0647\u062f\u0647 \u0645\u06cc \u06af\u06cc\u0631\u062f.<\/p>\n
\u062a\u0635\u0648\u06cc\u0631 \u0632\u06cc\u0631 \u0646\u0634\u0627\u0646 \u0645\u06cc\u200c\u062f\u0647\u062f \u06a9\u0647 \u0686\u06af\u0648\u0646\u0647 \u0633\u0647 \u0628\u0644\u0648\u06a9 \u06a9\u062f \u0627\u0648\u0644 \u0628\u0627 \u0647\u0645 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u06af\u06cc\u0631\u0646\u062f \u062a\u0627 \u0628\u0647 \u0633\u0631\u0648\u06cc\u0633 AWS Lambda \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u0646\u062f \u0646\u0642\u0634\u06cc \u0631\u0627 \u0628\u0631 \u0639\u0647\u062f\u0647 \u0628\u06af\u06cc\u0631\u0646\u062f \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u062a\u063a\u06cc\u06cc\u0631\u0627\u062a\u06cc \u062f\u0631 \u06af\u0631\u0648\u0647\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u062e\u062a\u0635\u0627\u0635 \u062f\u0627\u062f\u0647 \u0634\u062f\u0647 \u0628\u0647 \u0646\u0645\u0648\u0646\u0647\u200c\u0647\u0627\u06cc EC2 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u062f.<\/p>\n
\n7.1. \u0628\u0627 \u0627\u06cc\u062c\u0627\u062f \u0633\u0646\u062f \u0633\u06cc\u0627\u0633\u062a IAM \u062f\u0631 modules\/lambda\/main.tf \u0634\u0631\u0648\u0639 \u06a9\u0646\u06cc\u062f. \u0627\u06cc\u0646 \u0631\u0627\u0628\u0637\u0647 \u0627\u0639\u062a\u0645\u0627\u062f \u0628\u0631\u0627\u06cc \u0633\u06cc\u0627\u0633\u062a \u0627\u0633\u062a.<\/h5>\n\ndata \"aws_iam_policy_document\" \"GD-EC2MaliciousIPCaller-policy-document\" {\r\nstatement {\r\neffect = \"Allow\"\r\nactions = [\"sts:AssumeRole\"]\r\nprincipals {\r\ntype = \"Service\"\r\nidentifiers = [\"lambda.amazonaws.com\"]\r\n}\r\n}\r\n}\r\n<\/code><\/pre>\n<\/div>\n7.2. \u062f\u0631 \u0645\u0631\u062d\u0644\u0647 \u0628\u0639\u062f\u060c \u062e\u0637 \u0645\u0634\u06cc \u062f\u0631\u0648\u0646 \u062e\u0637\u06cc \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u0628\u0631\u0627\u06cc \u0646\u0642\u0634\u06cc \u06a9\u0647 AWS Lambda \u0628\u0631 \u0639\u0647\u062f\u0647 \u0645\u06cc \u06af\u06cc\u0631\u062f \u0627\u0639\u0645\u0627\u0644 \u0645\u06cc \u0634\u0648\u062f.<\/h5>\n
\nresource \"aws_iam_role_policy\" \"GD-EC2MaliciousIPCaller-inline-role-policy\" {\r\nname = \"GD-EC2MaliciousIPCaller-inline-role-policy\"\r\nrole = aws_iam_role.GD-Lambda-EC2MaliciousIPCaller-role.id\r\npolicy = jsonencode({\r\n\"Version\" : \"2012-10-17\",\r\n\"Statement\" : [\r\n{\r\n\"Action\" : [\r\n\"ssm:PutParameter\",\r\n\"ec2:AuthorizeSecurityGroupEgress\",\r\n\"ec2:AuthorizeSecurityGroupIngress\",\r\n\"ec2:CreateSecurityGroup\",\r\n\"ec2:DescribeSecurityGroups\",\r\n\"ec2:RevokeSecurityGroupEgress\",\r\n\"ec2:RevokeSecurityGroupIngress\",\r\n\"ec2:UpdateSecurityGroupRuleDescriptionsEgress\",\r\n\"ec2:UpdateSecurityGroupRuleDescriptionsIngress\",\r\n\"ec2:DescribeInstances\",\r\n\"ec2:UpdateSecurityGroupRuleDescriptionsIngress\",\r\n\"ec2:DescribeVpcs\",\r\n\"ec2:ModifyInstanceAttribute\",\r\n\"lambda:InvokeFunction\",\r\n\"cloudwatch:PutMetricData\",\r\n\"xray:PutTraceSegments\",\r\n\"xray:PutTelemetryRecords\"\r\n],\r\n\"Resource\" : \"*\",\r\n\"Effect\" : \"Allow\"\r\n},\r\n{\r\n\"Action\" : [\r\n\"logs:*\"\r\n],\r\n\"Resource\" : \"arn:aws:logs:*:*:*\",\r\n\"Effect\" : \"Allow\"\r\n},\r\n{\r\n\"Action\" : [\r\n\"sns:Publish\"\r\n],\r\n\"Resource\" : var.sns_topic_arn,\r\n\"Effect\" : \"Allow\"\r\n} \r\n]\r\n})\r\n}\r\n<\/code><\/pre>\n<\/div>\n7.3. \u0648 \u0627\u06a9\u0646\u0648\u0646 \u0646\u0642\u0634 IAM \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f \u06a9\u0647 AWS Lambda \u0622\u0646 \u0631\u0627 \u0628\u0631 \u0639\u0647\u062f\u0647 \u062e\u0648\u0627\u0647\u062f \u06af\u0631\u0641\u062a.<\/h5>\n
\nresource \"aws_iam_role\" \"GD-Lambda-EC2MaliciousIPCaller-role\" {\r\nname = \"GD-Lambda-EC2MaliciousIPCaller-role1\"\r\nassume_role_policy = data.aws_iam_policy_document.GD-EC2MaliciousIPCaller-policy-document.json\r\n}\r\n<\/code><\/pre>\n<\/div>\n7.4. \u06cc\u06a9 \u0645\u0646\u0628\u0639 \u062f\u0627\u062f\u0647 \u0628\u0627 \u0627\u0634\u0627\u0631\u0647 \u0628\u0647 \u06a9\u062f \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f.<\/h5>\n
\ndata \"archive_file\" \"python_lambda_package\" {\r\ntype = \"zip\"\r\nsource_file = \"${path.module}\/code\/index.py\"\r\noutput_path = \"index.zip\"\r\n}\r\n<\/code><\/pre>\n<\/div>\n7.5. \u062f\u0631 \u0645\u0631\u062d\u0644\u0647 \u0628\u0639\u062f \u0628\u0627\u06cc\u062f \u0628\u0647 EventBridge \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 Lambda \u0631\u0627 \u0628\u062f\u0647\u06cc\u0645.<\/h5>\n
\nresource \"aws_lambda_permission\" \"GuardDuty-Hands-On-RemediationLambda\" {\r\nstatement_id = \"GuardDutyTerraformRemediationLambdaEC2InvokePermissions\"\r\naction = \"lambda:InvokeFunction\"\r\nfunction_name = aws_lambda_function.GuardDuty-Example-Remediation-EC2MaliciousIPCaller.function_name\r\nprincipal = \"events.amazonaws.com\"\r\n}\r\n<\/code><\/pre>\n<\/div>\n\u0628\u0644\u0648\u06a9 \u0641\u0648\u0642 \u0628\u0647 EventBridge \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u062a\u0627\u0628\u0639 Lambda \u0631\u0627 \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u06a9\u0646\u062f.<\/p>\n
7.6. \u062f\u0631 \u0646\u0647\u0627\u06cc\u062a \u0645\u0627 \u0645\u0646\u0628\u0639 \u062a\u0627\u0628\u0639 Lambda \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u06cc\u0645. \u0628\u0631\u0627\u06cc \u0627\u06cc\u0646 \u06a9\u0627\u0631 \u0628\u0627\u06cc\u062f \u0686\u0646\u062f \u0645\u062a\u063a\u06cc\u0631 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u0645 \u06a9\u0647 \u0628\u0647 \u0645\u0627 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u0627\u0637\u0644\u0627\u0639\u0627\u062a\u06cc \u0631\u0627 \u0645\u0646\u062a\u0642\u0644 \u06a9\u0646\u06cc\u0645. \u0641\u0627\u06cc\u0644 modules\/lambda\/variables.tf \u0631\u0627 \u0628\u0627 \u0645\u062a\u063a\u06cc\u0631\u0647\u0627\u06cc \u0632\u06cc\u0631 \u0648\u06cc\u0631\u0627\u06cc\u0634 \u06a9\u0646\u06cc\u062f:<\/h5>\n
\nvariable \"sns_topic_arn\" {\r\n}\r\nvariable \"compromised_instance_id\" {\r\n}\r\nvariable \"forensic_sg_id\" {\r\n}<\/code><\/pre>\n<\/div>\n7.7. \u0633\u067e\u0633 \u0628\u0647 \u0641\u0627\u06cc\u0644 modules\/lambda\/main.tf \u0628\u0631\u06af\u0631\u062f\u06cc\u062f \u0648 \u0645\u0646\u0628\u0639 \u062a\u0627\u0628\u0639 Lambda \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0646\u06cc\u062f. \u062a\u0648\u062c\u0647 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f \u06a9\u0647 \u062f\u0631 \u0628\u0644\u0648\u06a9 \u06a9\u062f \u0632\u06cc\u0631 \u0627\u0632 Python 3.9 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u06cc\u0645. \u0647\u0645\u0686\u0646\u06cc\u0646\u060c \u0645\u0627 \u0628\u0647 \u06a9\u062f \u067e\u0627\u06cc\u062a\u0648\u0646\u06cc \u06a9\u0647 \u062f\u0631 index.zip \u0632\u06cc\u067e \u06a9\u0631\u062f\u0647 \u0627\u06cc\u0645\u060c \u0627\u0631\u062c\u0627\u0639 \u0645\u06cc \u062f\u0647\u06cc\u0645. \u0648 \u062f\u0631 \u0622\u062e\u0631 \u0645\u0627 \u0686\u0646\u062f \u0645\u062a\u063a\u06cc\u0631 \u0645\u062d\u06cc\u0637\u06cc \u0631\u0627 \u062f\u0631 \u0645\u0646\u0628\u0639 \u062a\u0646\u0638\u06cc\u0645 \u0645\u06cc \u06a9\u0646\u06cc\u0645: INSTANCE_ID\u060c FORENSICS_SG\u060c \u0648 TOPIC_ARN. \u0627\u06cc\u0646\u0647\u0627 \u0627\u0632 \u0645\u062a\u063a\u06cc\u0631\u0647\u0627\u06cc\u06cc \u06a9\u0647 \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u06cc\u0645 \u0628\u0647 \u0645\u062d\u06cc\u0637 \u062a\u0627\u0628\u0639 Lambda \u0645\u0627 \u0645\u0646\u062a\u0642\u0644 \u0645\u06cc \u0634\u0648\u0646\u062f.<\/h5>\n
\n# Create the Lambda function Resource\r\nresource \"aws_lambda_function\" \"GuardDuty-Example-Remediation-EC2MaliciousIPCaller\" {\r\nfunction_name = \"GuardDuty-Example-Remediation-EC2MaliciousIPCaller\"\r\nfilename = \"index.zip\"\r\nsource_code_hash = data.archive_file.python_lambda_package.output_base64sha256\r\nrole = aws_iam_role.GD-Lambda-EC2MaliciousIPCaller-role.arn\r\nruntime = \"python3.9\"\r\nhandler = \"index.handler\"\r\ntimeout = 10\r\nenvironment {\r\nvariables = {\r\nINSTANCE_ID = var.compromised_instance_id\r\nFORENSICS_SG = var.forensic_sg_id\r\nTOPIC_ARN = var.sns_topic_arn\r\n}\r\n}\r\n}<\/code><\/pre>\n<\/div>\n7.8. \u062f\u0631 \u0641\u0627\u06cc\u0644 root\/main.tf \u0645\u0627\u0698\u0648\u0644 Lambda \u0631\u0627 \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u06a9\u0646\u06cc\u062f\u060c \u0645\u0648\u0636\u0648\u0639 SNS ARN\u060c \u0634\u0646\u0627\u0633\u0647 \u0646\u0645\u0648\u0646\u0647 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0648 \u06af\u0631\u0648\u0647 Forensic Security \u0631\u0627 \u062a\u0646\u0638\u06cc\u0645 \u06a9\u0646\u06cc\u062f. \u062a\u0648\u062c\u0647 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f \u06a9\u0647 \u0627\u06cc\u0646 \u0645\u0642\u0627\u062f\u06cc\u0631 \u0627\u0632 \u0645\u0627\u0698\u0648\u0644 GuardDuty\u060c \u0645\u0627\u0698\u0648\u0644 \u0645\u062d\u0627\u0633\u0628\u0647 \u0648 \u0645\u0627\u0698\u0648\u0644 VPC \u0645\u06cc \u0622\u06cc\u0646\u062f.<\/h5>\n
\n# CREATE THE LAMBDA FUNCTION\r\nmodule \"lambda\" {\r\nsource = \".\/modules\/lambda\"\r\nsns_topic_arn = module.guardduty_sns_topic.sns_topic_arn\r\ncompromised_instance_id = module.compute.compromised_instance_id\r\nforensic_sg_id = module.forensic-security-group.security_group_id\r\n}\r\n<\/code><\/pre>\n<\/div>\n7.9. \u06af\u0631\u0648\u0647 \u0627\u0645\u0646\u06cc\u062a \u0642\u0627\u0646\u0648\u0646\u06cc \u0647\u0646\u0648\u0632 \u0627\u06cc\u062c\u0627\u062f \u0646\u0634\u062f\u0647 \u0627\u0633\u062a. \u06cc\u06a9 \u06af\u0631\u0648\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0631\u0627\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u062f\u0631 \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\n# CREATES THE FORENSICS_SG SECURITY GROUP\r\nmodule \"forensic-security-group\" {\r\nsource = \"terraform-aws-modules\/security-group\/aws\"\r\nversion = \"4.17.1\"\r\nname = \"FORENSIC_SG\"\r\ndescription = \"Forensic Security group \"\r\nvpc_id = module.iac_vpc.vpc_attributes.id\r\n}<\/code><\/pre>\n<\/div>\n7.10. \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u06af\u0631\u0648\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc-\u0642\u0627\u0646\u0648\u0646\u06cc\u060c \u0628\u0627\u06cc\u062f \u0622\u0646 \u0631\u0627 \u062e\u0631\u0648\u062c\u06cc \u0628\u06af\u06cc\u0631\u06cc\u0645. \u062f\u0631 \u0641\u0627\u06cc\u0644 root\/outputs.tf \u0648 \u062e\u0631\u0648\u062c\u06cc \u0634\u0646\u0627\u0633\u0647 \u06af\u0631\u0648\u0647 \u0627\u0645\u0646\u06cc\u062a.<\/h5>\n
\noutput \"forensic_sg_id\" {\r\nvalue = module.forensic-security-group.security_group_id\r\ndescription = \"Output of forensic sg id created - to place the EC2 instance(s).\"\r\n}<\/pre>\n<\/div>\n7.11. \u0627\u06a9\u0646\u0648\u0646 \u0628\u0627\u06cc\u062f \u0642\u0627\u0646\u0648\u0646 EventBridge \u0631\u0627 \u062a\u0646\u0638\u06cc\u0645 \u06a9\u0646\u06cc\u0645 \u062a\u0627 \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc \u06cc\u0627\u0641\u062a\u0647 \u0631\u0627 \u0628\u0647 Lambda \u0627\u0631\u0633\u0627\u0644 \u06a9\u0646\u06cc\u0645. \u062f\u0631 \u0628\u062e\u0634 \u0628\u0639\u062f\u06cc \u0627\u06cc\u0646 \u06a9\u0627\u0631 \u0631\u0627 \u0627\u0646\u062c\u0627\u0645 \u062e\u0648\u0627\u0647\u06cc\u0645 \u062f\u0627\u062f. \u0628\u0647 \u0641\u0627\u06cc\u0644 modules\/eventbridge\/main.tf \u0628\u0631\u06af\u0631\u062f\u06cc\u062f. \u06cc\u06a9 \u0645\u0646\u0628\u0639 \u0647\u062f\u0641 \u0631\u0648\u06cc\u062f\u0627\u062f \u0628\u0631\u0627\u06cc \u062a\u0627\u0628\u0639 Lambda \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u0628\u0647 \u0642\u0627\u0646\u0648\u0646 aws_cloudwatch_event_rule.GuardDuty-Event-EC2-MaliciousIPCaller.name \u0646\u06af\u0627\u0647 \u0645\u06cc \u06a9\u0646\u062f \u0648 \u0634\u0646\u0627\u0633\u0647 \u0647\u062f\u0641 \u0631\u0627 \u0631\u0648\u06cc GuardDuty-Example-Remediation \u062a\u0646\u0638\u06cc\u0645 \u0645\u06cc \u06a9\u0646\u062f. \u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u0628\u0647 ARN \u062a\u0627\u0628\u0639 \u0644\u0627\u0645\u0628\u062f\u0627 \u0646\u06cc\u0627\u0632 \u062f\u0627\u0631\u06cc\u062f. \u0627\u06cc\u0646 \u0631\u0627 \u0645\u06cc \u062a\u0648\u0627\u0646 \u0627\u0632 \u0645\u0627\u0698\u0648\u0644 Lambda \u062e\u0631\u0648\u062c\u06cc \u06af\u0631\u0641\u062a.<\/h5>\n
\n#EVENT TARGET RESOURCE FOR LAMBDA REMEDIATION FUNCTION\r\nresource \"aws_cloudwatch_event_target\" \"lambda_function\" {\r\nrule = aws_cloudwatch_event_rule.GuardDuty-Event-EC2-MaliciousIPCaller.name\r\ntarget_id = \"GuardDuty-Example-Remediation\"\r\narn = var.lambda_remediation_function_arn\r\n}<\/code><\/pre>\n<\/div>\n7.12. \u0627\u06af\u0631 \u0642\u0628\u0644\u0627\u064b \u0627\u06cc\u0646 \u06a9\u0627\u0631 \u0631\u0627 \u0646\u06a9\u0631\u062f\u0647 \u0627\u06cc\u062f\u060c \u062e\u0631\u0648\u062c\u06cc \u0631\u0627 \u0628\u0647 \u0645\u0627\u0698\u0648\u0644 \u0644\u0627\u0645\u0628\u062f\u0627 (modules\/lambda\/outputs.tf) \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\noutput \"lambda_remediation_function_arn\" {\r\nvalue = aws_lambda_function.GuardDuty-Example-Remediation-EC2MaliciousIPCaller.arn\r\n}\r\n<\/code><\/pre>\n<\/div>\n7.13. \u0627\u06cc\u0646 \u0645\u062a\u063a\u06cc\u0631 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u0627\u06cc\u062f \u062f\u0631 \u0645\u0627\u0698\u0648\u0644 EventBridge (modules\/eventbridge\/variables.tf) \u0627\u0639\u0645\u0627\u0644 \u0634\u0648\u062f.<\/h5>\n
\nvariable \"lambda_remediation_function_arn\" {\r\n}<\/code><\/pre>\n<\/div>\n7.14. \u0648 \u062f\u0631 \u0646\u0647\u0627\u06cc\u062a lambda_remediation_function_arn \u0631\u0627 \u0628\u0647 \u0641\u0627\u06cc\u0644 root\/main.tf \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f. \u0627\u06cc\u0646 \u062f\u0631 \u0642\u0627\u0646\u0648\u0646 EventBridge \u06a9\u0647 \u0642\u0628\u0644\u0627 \u0627\u06cc\u062c\u0627\u062f \u0634\u062f\u0647 \u0627\u0633\u062a \u0645\u06cc \u0631\u0648\u062f. \u062e\u0631\u0648\u062c\u06cc \u0632\u06cc\u0631 \u06a9\u0644 \u0628\u0644\u0648\u06a9 \u06a9\u062f \u0627\u0633\u062a \u06a9\u0647 \u0628\u0631\u062e\u06cc \u0627\u0632 \u0622\u0646\u0647\u0627 \u0642\u0628\u0644\u0627\u064b \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f. \u0645\u0637\u0645\u0626\u0646 \u0634\u0648\u06cc\u062f \u06a9\u0647 \u0641\u0642\u0637 \u06a9\u062f lambda_remediation_function_arn = module.lambda.lambda_remediation_function_arn \u0631\u0627 \u0628\u0647 \u0628\u0644\u0648\u06a9 \u0645\u0648\u062c\u0648\u062f \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f.<\/h5>\n
\nmodule \"guardduty_eventbridge_rule\" {\r\nsource = \".\/modules\/eventbridge\"\r\nsns_topic_arn = module.guardduty_sns_topic.sns_topic_arn\r\nlambda_remediation_function_arn = module.lambda.lambda_remediation_function_arn\r\n}\r\n<\/code><\/pre>\n<\/div>\n\u062f\u0631 \u0627\u06cc\u0646 \u0628\u062e\u0634 \u06cc\u06a9 \u062a\u0627\u0628\u0639 Lambda \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u06cc\u062f \u06a9\u0647 \u06cc\u06a9 \u0645\u06cc\u0632\u0628\u0627\u0646 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0631\u0627 \u062f\u0631 \u06cc\u06a9 \u06af\u0631\u0648\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u062a\u0641\u0627\u0648\u062a \u062c\u062f\u0627 \u0645\u06cc \u06a9\u0646\u062f. \u0627\u06cc\u0646 \u062a\u0627\u0628\u0639 \u0644\u0627\u0645\u0628\u062f\u0627 \u0632\u0645\u0627\u0646\u06cc \u062a\u0648\u0633\u0637 EventBridge \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u06cc\u06a9 \u06cc\u0627\u0641\u062a\u0647 GuardDuty \u0628\u0627 \u0642\u0627\u0646\u0648\u0646 EventBridge \u0645\u0637\u0627\u0628\u0642\u062a \u062f\u0627\u062f\u0647 \u0634\u0648\u062f. \u062f\u0631 \u0628\u062e\u0634 \u0628\u0639\u062f\u06cc \u06a9\u0644 \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u0631\u0627 \u0627\u0639\u0645\u0627\u0644 \u062e\u0648\u0627\u0647\u06cc\u062f \u06a9\u0631\u062f.<\/p>\n
\u0645\u0631\u062d\u0644\u0647 8: \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u0631\u0627 \u062f\u0631 \u062d\u0633\u0627\u0628 AWS \u062e\u0648\u062f \u0627\u0639\u0645\u0627\u0644 \u06a9\u0646\u06cc\u062f<\/h2>\n
8.1. \u06cc\u06a9 init terraform \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f. \u0628\u0627 \u0627\u06cc\u0646 \u06a9\u0627\u0631 \u062a\u0645\u0627\u0645 \u0645\u0627\u0698\u0648\u0644 \u0647\u0627\u06cc\u06cc \u06a9\u0647 \u062f\u0631 \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634 \u06a9\u062f \u0627\u0636\u0627\u0641\u0647 \u06a9\u0631\u062f\u0647 \u0627\u06cc\u062f \u0645\u0642\u062f\u0627\u0631\u062f\u0647\u06cc \u0627\u0648\u0644\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f. \u062e\u0631\u0648\u062c\u06cc \u0628\u0627\u06cc\u062f \u0634\u0628\u06cc\u0647 \u0645\u0648\u0627\u0631\u062f \u0632\u06cc\u0631 \u0628\u0627\u0634\u062f.<\/h5>\n
\n8.2. \u06cc\u06a9 \u067e\u0644\u0627\u0646 \u0632\u0645\u06cc\u0646\u06cc \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u06cc\u062f.<\/h5>\n8.3. \u0628\u0631\u0627\u06cc \u0627\u0639\u0645\u0627\u0644 \u062a\u063a\u06cc\u06cc\u0631\u0627\u062a \u0628\u0647 AWS\u060c \u06cc\u06a9 terraform application \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u06cc\u062f. \u067e\u0633 \u0627\u0632 \u0627\u0639\u0645\u0627\u0644\u060c \u062e\u0631\u0648\u062c\u06cc \u0634\u0645\u0627 \u0628\u0627\u06cc\u062f \u0634\u0628\u06cc\u0647 \u0645\u0648\u0627\u0631\u062f \u0632\u06cc\u0631 \u0628\u0627\u0634\u062f:<\/h5>\n
\n\u062f\u0631 \u0627\u06cc\u0646 \u0628\u062e\u0634 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc Terraform \u0631\u0627 \u062f\u0631 \u062d\u0633\u0627\u0628 AWS \u062e\u0648\u062f \u0627\u0639\u0645\u0627\u0644 \u06a9\u0631\u062f\u06cc\u062f. \u062f\u0631 \u0627\u06cc\u0646 \u0645\u0631\u062d\u0644\u0647 \u0634\u0645\u0627 \u062f\u0648 \u0646\u0645\u0648\u0646\u0647 EC2 \u062f\u0627\u0631\u06cc\u062f \u06a9\u0647 \u0628\u0627 \u06cc\u06a9\u062f\u06cc\u06af\u0631 \u062f\u0631 \u0627\u0631\u062a\u0628\u0627\u0637 \u0647\u0633\u062a\u0646\u062f. One \u0645\u062e\u0631\u0628 \u0627\u0633\u062a \u0648 \u0622\u062f\u0631\u0633 IP \u0622\u0646 \u0628\u0647 \u0644\u06cc\u0633\u062a IP \u062a\u0647\u062f\u06cc\u062f \u0645\u0627 \u0627\u0636\u0627\u0641\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a. \u0647\u0646\u06af\u0627\u0645\u06cc \u06a9\u0647 GuardDuty \u0645\u06cc \u0628\u06cc\u0646\u062f \u06a9\u0647 \u0627\u06cc\u0646 IP \u0628\u0627 \u0646\u0645\u0648\u0646\u0647 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0645\u0627 \u0635\u062d\u0628\u062a \u0645\u06cc \u06a9\u0646\u062f\u060c \u06cc\u0627\u0641\u062a\u0647 \u0627\u06cc \u0631\u0627 \u0627\u06cc\u062c\u0627\u062f \u0645\u06cc \u06a9\u0646\u062f. \u0645\u0627 \u06cc\u06a9 \u0642\u0627\u0646\u0648\u0646 EventBridge \u062f\u0627\u0631\u06cc\u0645 \u06a9\u0647 \u0628\u0627 \u0622\u0646 \u06cc\u0627\u0641\u062a\u0647 \u0645\u0637\u0627\u0628\u0642\u062a \u062f\u0627\u0631\u062f \u0648 \u062f\u0648 \u06a9\u0627\u0631 \u0631\u0627 \u0627\u0646\u062c\u0627\u0645 \u0645\u06cc \u062f\u0647\u062f: \u0627\u0648\u0644\u060c \u06cc\u06a9 \u0627\u06cc\u0645\u06cc\u0644 \u0628\u0631\u0627\u06cc \u0645\u0627 \u0627\u0631\u0633\u0627\u0644 \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0628\u0647 \u0645\u0627 \u0627\u0637\u0644\u0627\u0639 \u0645\u06cc \u062f\u0647\u062f \u06a9\u0647 \u0686\u0647 \u0627\u062a\u0641\u0627\u0642\u06cc \u0627\u0641\u062a\u0627\u062f\u0647 \u0627\u0633\u062a\u060c \u0648 \u062f\u0648\u0645\u060c \u062a\u0627\u0628\u0639 Lambda \u0631\u0627 \u0641\u0631\u0627\u062e\u0648\u0627\u0646\u06cc \u0645\u06cc \u06a9\u0646\u062f \u062a\u0627 \u06af\u0631\u0648\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u06cc\u0632\u0628\u0627\u0646 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0631\u0627 \u062a\u063a\u06cc\u06cc\u0631 \u062f\u0647\u062f. \u062f\u0631 \u0628\u062e\u0634 \u0628\u0639\u062f\u06cc\u060c \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0631\u0627 \u062f\u0631 \u06a9\u0646\u0633\u0648\u0644 AWS \u062e\u0648\u062f \u062a\u0623\u06cc\u06cc\u062f \u062e\u0648\u0627\u0647\u06cc\u0645 \u06a9\u0631\u062f.<\/p>\n\u0645\u0631\u062d\u0644\u0647 9: \u0631\u0627\u0647 \u062d\u0644 \u0631\u0627 \u062f\u0631 \u06a9\u0646\u0633\u0648\u0644 \u0645\u062f\u06cc\u0631\u06cc\u062a AWS \u062a\u0623\u06cc\u06cc\u062f \u06a9\u0646\u06cc\u062f<\/h2>\n
\u062f\u0631 \u0627\u06cc\u0646 \u0628\u062e\u0634\u060c \u06a9\u0644 \u0631\u0627\u0647\u200c\u062d\u0644 \u0645\u0648\u062c\u0648\u062f \u062f\u0631 \u06a9\u0646\u0633\u0648\u0644 AWS \u0631\u0627 \u0628\u0631\u0631\u0633\u06cc \u0645\u06cc\u200c\u06a9\u0646\u06cc\u0645 \u0648 \u0628\u0631\u0631\u0633\u06cc \u0645\u06cc\u200c\u06a9\u0646\u06cc\u0645 \u06a9\u0647 \u0648\u0642\u062a\u06cc \u06cc\u0627\u0641\u062a\u0647\u200c\u0647\u0627 \u062f\u0631 GuardDuty \u0638\u0627\u0647\u0631 \u0634\u062f \u0648 EventBridge \u0639\u0645\u0644\u06a9\u0631\u062f Lambda \u0631\u0627 \u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u060c \u06af\u0631\u0648\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u0646\u062a\u0642\u0644 \u0634\u062f\u0647 \u0627\u0633\u062a.<\/p>\n
\u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u0627\u06cc\u062f \u06cc\u06a9 \u0627\u06cc\u0645\u06cc\u0644 \u0628\u0631\u0627\u06cc \u062a\u0627\u06cc\u06cc\u062f \u0627\u0634\u062a\u0631\u0627\u06a9 \u062e\u0648\u062f \u062f\u0631\u06cc\u0627\u0641\u062a \u06a9\u0631\u062f\u0647 \u0628\u0627\u0634\u06cc\u062f. \u0628\u0647 \u06cc\u0627\u062f \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f \u06a9\u0647 \u0628\u0631\u0627\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u0627\u0639\u0644\u0627\u0646 \u0647\u0627\u06cc\u06cc \u06a9\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u06a9\u0631\u062f\u0647 \u0627\u06cc\u062f \u0628\u0627\u06cc\u062f \u0645\u0634\u062a\u0631\u06a9 \u0634\u0648\u06cc\u062f.<\/p>\n
\n\u067e\u0633 \u0627\u0632 \u0627\u0634\u062a\u0631\u0627\u06a9\u060c \u0628\u0647 \u06a9\u0646\u0633\u0648\u0644 \u0645\u062f\u06cc\u0631\u06cc\u062a AWS \u0628\u0631\u0648\u06cc\u062f \u062a\u0627 \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u062f\u0648 \u0646\u0645\u0648\u0646\u0647 EC2 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u0648 \u0647\u0631 \u062f\u0648 \u062f\u0631 \u06af\u0631\u0648\u0647 \u0627\u0645\u0646\u06cc\u062a \u0627\u0648\u0644\u06cc\u0647 \u0647\u0633\u062a\u0646\u062f.<\/p>\n\u0627\u0628\u062a\u062f\u0627 \u0647\u0627\u0633\u062a \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0631\u0627 \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f.<\/p>\n
\n\u0633\u067e\u0633 \u0647\u0627\u0633\u062a \u0645\u062e\u0631\u0628 \u0631\u0627 \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f.<\/p>\n
\n\u0633\u067e\u0633 \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u062d\u0627\u0635\u0644 \u06a9\u0646\u06cc\u062f \u06a9\u0647 GuardDuty \u06cc\u0627\u0641\u062a\u0647\u200c\u0647\u0627 \u0631\u0627 \u06af\u0632\u0627\u0631\u0634 \u0645\u06cc\u200c\u06a9\u0646\u062f.<\/p>\n
\n\u0627\u06a9\u0646\u0648\u0646 \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u0642\u0627\u0646\u0648\u0646 EventBridge \u0628\u0647 \u062f\u0646\u0628\u0627\u0644 \u0622\u0646 \u06cc\u0627\u0641\u062a\u0647 \u0627\u0633\u062a.<\/h5>\n
\n\u0633\u067e\u0633 \u0647\u062f\u0641 \u0642\u0627\u0646\u0648\u0646 EventBridge \u0631\u0627 \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f. \u0634\u0645\u0627 \u0628\u0627\u06cc\u062f \u06cc\u06a9 \u0647\u062f\u0641 SNS \u0648 \u06cc\u06a9 \u0647\u062f\u0641 Lambda \u0631\u0627 \u0628\u0628\u06cc\u0646\u06cc\u062f.<\/p>\n
\n\u0642\u0627\u0646\u0648\u0646 SNS \u0631\u0627 \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0628\u0628\u06cc\u0646\u06cc\u062f \u0686\u0647 \u06a9\u0627\u0631\u06cc \u0627\u0646\u062c\u0627\u0645 \u0645\u06cc \u062f\u0647\u062f. \u0628\u0627\u06cc\u062f \u0628\u0647 \u0622\u062f\u0631\u0633\u06cc \u06a9\u0647 \u062a\u0639\u06cc\u06cc\u0646 \u06a9\u0631\u062f\u0647 \u0627\u06cc\u062f \u0627\u06cc\u0645\u06cc\u0644 \u0628\u0641\u0631\u0633\u062a\u06cc\u062f.<\/p>\n
\n\u0633\u067e\u0633 \u0639\u0645\u0644\u06a9\u0631\u062f Lambda \u0631\u0627 \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f. \u0645\u06cc \u062a\u0648\u0627\u0646\u06cc\u062f \u0627\u0632 \u0642\u0627\u0646\u0648\u0646 EventBridge \u06cc\u0627 \u0628\u0627 \u067e\u06cc\u0645\u0627\u06cc\u0634 \u0645\u0633\u062a\u0642\u06cc\u0645 \u0628\u0647 \u0622\u0646\u062c\u0627 \u0628\u0631\u0648\u06cc\u062f.<\/p>\n
\n\u062f\u0631 \u0646\u0647\u0627\u06cc\u062a \u0628\u0631\u0631\u0633\u06cc \u06a9\u0646\u06cc\u062f \u06a9\u0647 \u062a\u0627\u0628\u0639 Lambda \u0645\u06cc\u0632\u0628\u0627\u0646 \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0631\u0627 \u0628\u0647 \u06cc\u06a9 \u06af\u0631\u0648\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u062c\u062f\u06cc\u062f \u0645\u0646\u062a\u0642\u0644 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.<\/p>\n
\n\u0628\u0633\u062a\u0647 \u0628\u0647 \u0645\u062f\u062a \u0632\u0645\u0627\u0646\u06cc \u06a9\u0647 \u0645\u0646\u062a\u0638\u0631 \u0628\u0648\u062f\u0647 \u0627\u06cc\u062f\u060c \u0627\u06af\u0631 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0634\u0645\u0627 \u0628\u0627 \u0627\u0633\u06a9\u0631\u06cc\u0646 \u0634\u0627\u062a \u0647\u0627\u06cc \u0628\u0627\u0644\u0627 \u0645\u0637\u0627\u0628\u0642\u062a \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u062f\u060c \u06cc\u06a9 \u0631\u0627\u0647 \u062d\u0644 \u0627\u0645\u0646\u06cc\u062a\u06cc \u06a9\u0627\u0645\u0644 AWS \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 Terraform \u0628\u0627 \u0645\u0648\u0641\u0642\u06cc\u062a \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u0647 \u0627\u06cc\u062f.<\/p>\n","protected":false},"excerpt":{"rendered":"Introduction In this tutorial, you will learn how to configure an AWS security solution using Terraform. You will\u2026","protected":false},"author":1,"featured_media":15309,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_yoast_wpseo_focuskw":"\u0646\u062d\u0648\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u067e\u0627\u0633\u062e \u062e\u0648\u062f\u06a9\u0627\u0631 \u062d\u0627\u062f\u062b\u0647 \u0628\u0631\u0627\u06cc \u06cc\u0627\u0641\u062a\u0647 \u0647\u0627\u06cc Amazon GuardDuty \u0628\u0627 Terraform","_yoast_wpseo_title":"","_yoast_wpseo_metadesc":"","_yoast_wpseo_canonical":"","_yoast_wpseo_opengraph-description":"","_yoast_wpseo_opengraph-image":"","_yoast_wpseo_twitter-description":"","_yoast_wpseo_twitter-image":"","_yoast_wpseo_focuskeywords":"","_yoast_wpseo_primary_category":"220","footnotes":""},"categories":[220,193],"tags":[219],"class_list":{"0":"post-15285","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-amazon","8":"category-tutorials","9":"tag-aws"},"yoast_head":"\n\u0646\u062d\u0648\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u067e\u0627\u0633\u062e \u062e\u0648\u062f\u06a9\u0627\u0631 \u062d\u0627\u062f\u062b\u0647 \u0628\u0631\u0627\u06cc \u06cc\u0627\u0641\u062a\u0647 \u0647\u0627\u06cc Amazon GuardDuty \u0628\u0627 Terraform - \u0628\u0644\u0627\u06af ITPiran<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.itpiran.net\/blog\/en\/amazon\/using-terraform-to-configure-automated-guardduty\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u0646\u062d\u0648\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u067e\u0627\u0633\u062e \u062e\u0648\u062f\u06a9\u0627\u0631 \u062d\u0627\u062f\u062b\u0647 \u0628\u0631\u0627\u06cc \u06cc\u0627\u0641\u062a\u0647 \u0647\u0627\u06cc Amazon GuardDuty \u0628\u0627 Terraform - \u0628\u0644\u0627\u06af ITPiran\" \/>\n<meta property=\"og:description\" content=\"\u0645\u0642\u062f\u0645\u0647 \u062f\u0631 \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634\u060c \u0646\u062d\u0648\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0631\u0627\u0647 \u062d\u0644 \u0627\u0645\u0646\u06cc\u062a\u06cc AWS \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 Terraform \u0631\u0627 \u062e\u0648\u0627\u0647\u06cc\u062f \u0622\u0645\u0648\u062e\u062a. \u0634\u0645\u0627…\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.itpiran.net\/blog\/en\/amazon\/using-terraform-to-configure-automated-guardduty\/\" \/>\n<meta property=\"og:site_name\" content=\"\u0628\u0644\u0627\u06af ITPiran\" \/>\n<meta property=\"article:published_time\" content=\"2024-04-13T20:15:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.itpiran.net\/2024\/04\/13234429\/AWSjpg.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1793\" \/>\n\t<meta property=\"og:image:height\" content=\"1110\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/amazon\\\/using-terraform-to-configure-automated-guardduty\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/amazon\\\/using-terraform-to-configure-automated-guardduty\\\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/#\\\/schema\\\/person\\\/04ed27b919baca468a2273f8e4318f81\"},\"headline\":\"\u0646\u062d\u0648\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u067e\u0627\u0633\u062e \u062e\u0648\u062f\u06a9\u0627\u0631 \u062d\u0627\u062f\u062b\u0647 \u0628\u0631\u0627\u06cc \u06cc\u0627\u0641\u062a\u0647 \u0647\u0627\u06cc Amazon GuardDuty \u0628\u0627 Terraform\",\"datePublished\":\"2024-04-13T20:15:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/amazon\\\/using-terraform-to-configure-automated-guardduty\\\/\"},\"wordCount\":488,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/amazon\\\/using-terraform-to-configure-automated-guardduty\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cdn.itpiran.net\\\/2024\\\/04\\\/13234429\\\/AWSjpg.jpg\",\"keywords\":[\"AWS\"],\"articleSection\":[\"\u0622\u0645\u0627\u0632\u0648\u0646\",\"\u0622\u0645\u0648\u0632\u0634\u06cc\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/amazon\\\/using-terraform-to-configure-automated-guardduty\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/amazon\\\/using-terraform-to-configure-automated-guardduty\\\/\",\"url\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/amazon\\\/using-terraform-to-configure-automated-guardduty\\\/\",\"name\":\"\u0646\u062d\u0648\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u067e\u0627\u0633\u062e \u062e\u0648\u062f\u06a9\u0627\u0631 \u062d\u0627\u062f\u062b\u0647 \u0628\u0631\u0627\u06cc \u06cc\u0627\u0641\u062a\u0647 \u0647\u0627\u06cc Amazon GuardDuty \u0628\u0627 Terraform - \u0628\u0644\u0627\u06af ITPiran\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/amazon\\\/using-terraform-to-configure-automated-guardduty\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/amazon\\\/using-terraform-to-configure-automated-guardduty\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cdn.itpiran.net\\\/2024\\\/04\\\/13234429\\\/AWSjpg.jpg\",\"datePublished\":\"2024-04-13T20:15:23+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/amazon\\\/using-terraform-to-configure-automated-guardduty\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/amazon\\\/using-terraform-to-configure-automated-guardduty\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/amazon\\\/using-terraform-to-configure-automated-guardduty\\\/#primaryimage\",\"url\":\"https:\\\/\\\/cdn.itpiran.net\\\/2024\\\/04\\\/13234429\\\/AWSjpg.jpg\",\"contentUrl\":\"https:\\\/\\\/cdn.itpiran.net\\\/2024\\\/04\\\/13234429\\\/AWSjpg.jpg\",\"width\":1793,\"height\":1110},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/amazon\\\/using-terraform-to-configure-automated-guardduty\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u0622\u0645\u0627\u0632\u0648\u0646\",\"item\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/category\\\/amazon\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"\u0646\u062d\u0648\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u067e\u0627\u0633\u062e \u062e\u0648\u062f\u06a9\u0627\u0631 \u062d\u0627\u062f\u062b\u0647 \u0628\u0631\u0627\u06cc \u06cc\u0627\u0641\u062a\u0647 \u0647\u0627\u06cc Amazon GuardDuty \u0628\u0627 Terraform\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/\",\"name\":\"\u0628\u0644\u0627\u06af ITPiran\",\"description\":\"\u0627\u062e\u0628\u0627\u0631 \u0648 \u0645\u0642\u0627\u0644\u0627\u062a \u062a\u062c\u0627\u0631\u062a \u067e\u0627\u06cc\u062f\u0627\u0631 \u0627\u06cc\u0631\u0627\u0646\u06cc\u0627\u0646\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/#organization\",\"name\":\"\u0628\u0644\u0627\u06af \u062a\u062c\u0627\u0631\u062a \u067e\u0627\u06cc\u062f\u0627\u0631 \u0627\u06cc\u0631\u0627\u0646\u06cc\u0627\u0646\",\"alternateName\":\"ITPIran Blog\",\"url\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/cdn.itpiran.net\\\/2023\\\/12\\\/27150508\\\/cropped-ITPIRAN-BLOG-LOGO-2.png\",\"contentUrl\":\"https:\\\/\\\/cdn.itpiran.net\\\/2023\\\/12\\\/27150508\\\/cropped-ITPIRAN-BLOG-LOGO-2.png\",\"width\":512,\"height\":512,\"caption\":\"\u0628\u0644\u0627\u06af \u062a\u062c\u0627\u0631\u062a \u067e\u0627\u06cc\u062f\u0627\u0631 \u0627\u06cc\u0631\u0627\u0646\u06cc\u0627\u0646\"},\"image\":{\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/#\\\/schema\\\/person\\\/04ed27b919baca468a2273f8e4318f81\",\"name\":\"admin\",\"url\":\"https:\\\/\\\/www.itpiran.net\\\/blog\\\/en\\\/author\\\/admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Configure Automated Incident Response for Amazon GuardDuty Findings with Terraform - ITPiran Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.itpiran.net\/blog\/en\/amazon\/using-terraform-to-configure-automated-guardduty\/","og_locale":"en_US","og_type":"article","og_title":"\u0646\u062d\u0648\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u067e\u0627\u0633\u062e \u062e\u0648\u062f\u06a9\u0627\u0631 \u062d\u0627\u062f\u062b\u0647 \u0628\u0631\u0627\u06cc \u06cc\u0627\u0641\u062a\u0647 \u0647\u0627\u06cc Amazon GuardDuty \u0628\u0627 Terraform - \u0628\u0644\u0627\u06af ITPiran","og_description":"\u0645\u0642\u062f\u0645\u0647 \u062f\u0631 \u0627\u06cc\u0646 \u0622\u0645\u0648\u0632\u0634\u060c \u0646\u062d\u0648\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0631\u0627\u0647 \u062d\u0644 \u0627\u0645\u0646\u06cc\u062a\u06cc AWS \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 Terraform \u0631\u0627 \u062e\u0648\u0627\u0647\u06cc\u062f \u0622\u0645\u0648\u062e\u062a. \u0634\u0645\u0627…","og_url":"https:\/\/www.itpiran.net\/blog\/en\/amazon\/using-terraform-to-configure-automated-guardduty\/","og_site_name":"\u0628\u0644\u0627\u06af ITPiran","article_published_time":"2024-04-13T20:15:23+00:00","og_image":[{"width":1793,"height":1110,"url":"https:\/\/cdn.itpiran.net\/2024\/04\/13234429\/AWSjpg.jpg","type":"image\/jpeg"}],"author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.itpiran.net\/blog\/amazon\/using-terraform-to-configure-automated-guardduty\/#article","isPartOf":{"@id":"https:\/\/www.itpiran.net\/blog\/amazon\/using-terraform-to-configure-automated-guardduty\/"},"author":{"name":"admin","@id":"https:\/\/www.itpiran.net\/blog\/#\/schema\/person\/04ed27b919baca468a2273f8e4318f81"},"headline":"\u0646\u062d\u0648\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u067e\u0627\u0633\u062e \u062e\u0648\u062f\u06a9\u0627\u0631 \u062d\u0627\u062f\u062b\u0647 \u0628\u0631\u0627\u06cc \u06cc\u0627\u0641\u062a\u0647 \u0647\u0627\u06cc Amazon GuardDuty \u0628\u0627 Terraform","datePublished":"2024-04-13T20:15:23+00:00","mainEntityOfPage":{"@id":"https:\/\/www.itpiran.net\/blog\/amazon\/using-terraform-to-configure-automated-guardduty\/"},"wordCount":488,"commentCount":0,"publisher":{"@id":"https:\/\/www.itpiran.net\/blog\/#organization"},"image":{"@id":"https:\/\/www.itpiran.net\/blog\/amazon\/using-terraform-to-configure-automated-guardduty\/#primaryimage"},"thumbnailUrl":"https:\/\/cdn.itpiran.net\/2024\/04\/13234429\/AWSjpg.jpg","keywords":["AWS"],"articleSection":["\u0622\u0645\u0627\u0632\u0648\u0646","\u0622\u0645\u0648\u0632\u0634\u06cc"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.itpiran.net\/blog\/amazon\/using-terraform-to-configure-automated-guardduty\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.itpiran.net\/blog\/amazon\/using-terraform-to-configure-automated-guardduty\/","url":"https:\/\/www.itpiran.net\/blog\/amazon\/using-terraform-to-configure-automated-guardduty\/","name":"How to Configure Automated Incident Response for Amazon GuardDuty Findings with Terraform - ITPiran Blog","isPartOf":{"@id":"https:\/\/www.itpiran.net\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.itpiran.net\/blog\/amazon\/using-terraform-to-configure-automated-guardduty\/#primaryimage"},"image":{"@id":"https:\/\/www.itpiran.net\/blog\/amazon\/using-terraform-to-configure-automated-guardduty\/#primaryimage"},"thumbnailUrl":"https:\/\/cdn.itpiran.net\/2024\/04\/13234429\/AWSjpg.jpg","datePublished":"2024-04-13T20:15:23+00:00","breadcrumb":{"@id":"https:\/\/www.itpiran.net\/blog\/amazon\/using-terraform-to-configure-automated-guardduty\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.itpiran.net\/blog\/amazon\/using-terraform-to-configure-automated-guardduty\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.itpiran.net\/blog\/amazon\/using-terraform-to-configure-automated-guardduty\/#primaryimage","url":"https:\/\/cdn.itpiran.net\/2024\/04\/13234429\/AWSjpg.jpg","contentUrl":"https:\/\/cdn.itpiran.net\/2024\/04\/13234429\/AWSjpg.jpg","width":1793,"height":1110},{"@type":"BreadcrumbList","@id":"https:\/\/www.itpiran.net\/blog\/amazon\/using-terraform-to-configure-automated-guardduty\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.itpiran.net\/blog\/"},{"@type":"ListItem","position":2,"name":"\u0622\u0645\u0627\u0632\u0648\u0646","item":"https:\/\/www.itpiran.net\/blog\/category\/amazon\/"},{"@type":"ListItem","position":3,"name":"\u0646\u062d\u0648\u0647 \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u067e\u0627\u0633\u062e \u062e\u0648\u062f\u06a9\u0627\u0631 \u062d\u0627\u062f\u062b\u0647 \u0628\u0631\u0627\u06cc \u06cc\u0627\u0641\u062a\u0647 \u0647\u0627\u06cc Amazon GuardDuty \u0628\u0627 Terraform"}]},{"@type":"WebSite","@id":"https:\/\/www.itpiran.net\/blog\/#website","url":"https:\/\/www.itpiran.net\/blog\/","name":"ITPiran Blog","description":"Iranian Sustainable Trade News and Articles","publisher":{"@id":"https:\/\/www.itpiran.net\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.itpiran.net\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.itpiran.net\/blog\/#organization","name":"Sustainable Iranian Business Blog","alternateName":"ITPIran Blog","url":"https:\/\/www.itpiran.net\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.itpiran.net\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/cdn.itpiran.net\/2023\/12\/27150508\/cropped-ITPIRAN-BLOG-LOGO-2.png","contentUrl":"https:\/\/cdn.itpiran.net\/2023\/12\/27150508\/cropped-ITPIRAN-BLOG-LOGO-2.png","width":512,"height":512,"caption":"\u0628\u0644\u0627\u06af \u062a\u062c\u0627\u0631\u062a \u067e\u0627\u06cc\u062f\u0627\u0631 \u0627\u06cc\u0631\u0627\u0646\u06cc\u0627\u0646"},"image":{"@id":"https:\/\/www.itpiran.net\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.itpiran.net\/blog\/#\/schema\/person\/04ed27b919baca468a2273f8e4318f81","name":"admin","url":"https:\/\/www.itpiran.net\/blog\/en\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/www.itpiran.net\/blog\/en\/wp-json\/wp\/v2\/posts\/15285","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.itpiran.net\/blog\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.itpiran.net\/blog\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.itpiran.net\/blog\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.itpiran.net\/blog\/en\/wp-json\/wp\/v2\/comments?post=15285"}],"version-history":[{"count":1,"href":"https:\/\/www.itpiran.net\/blog\/en\/wp-json\/wp\/v2\/posts\/15285\/revisions"}],"predecessor-version":[{"id":15308,"href":"https:\/\/www.itpiran.net\/blog\/en\/wp-json\/wp\/v2\/posts\/15285\/revisions\/15308"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.itpiran.net\/blog\/en\/wp-json\/wp\/v2\/media\/15309"}],"wp:attachment":[{"href":"https:\/\/www.itpiran.net\/blog\/en\/wp-json\/wp\/v2\/media?parent=15285"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.itpiran.net\/blog\/en\/wp-json\/wp\/v2\/categories?post=15285"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.itpiran.net\/blog\/en\/wp-json\/wp\/v2\/tags?post=15285"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13200753\/1-2.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13201015\/2-3.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13205757\/3-3.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13205845\/4-3.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13205932\/5-3.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13210016\/6-3.webp\")
![\"https:\/\/community.aws\/_next\/image?url=https%3A%2F%2Fcommunity.aws%2Fraw-post-images%2Ftutorials%2Fusing-terraform-to-configure-automated-guardduty-findings%2Fimages%2F0007.png&w=750&q=75\"](\"https:\/\/community.aws\/_next\/image?url=https%3A%2F%2Fcommunity.aws%2Fraw-post-images%2Ftutorials%2Fusing-terraform-to-configure-automated-guardduty-findings%2Fimages%2F0007.png&w=750&q=75\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13210300\/8-2.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13214747\/10-1.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13214833\/11-1.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13215727\/12.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13230652\/13.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13231811\/14.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13232023\/15.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13232158\/16.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13232406\/17.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13232454\/18.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13232556\/19.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13233106\/20.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13233254\/21.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13233442\/22.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13233538\/23.webp\")
![\"\"](\"https:\/\/cdn.itpiran.net\/2024\/04\/13233748\/24.webp\")