How Amazon GuardDuty differs for AWS GovCloud (US)Documentation for Amazon GuardDuty Export-Controlled Content

Amazon GuardDuty

How Amazon GuardDuty differs for AWS GovCloud (US)

The following features are not supported in both the AWS GovCloud (US) Regions:

Runtime Monitoring
EKS Runtime Monitoring
RDS Protection
Malware Protection
Cross-region data transfer
Member accounts invitation notifications through AWS Health Dashboard and email

The following EKS audit log finding types are not available in the GovCloud Regions:

CredentialAccess:Kubernetes/AnomalousBehavior.SecretsAccessed
PrivilegeEscalation:Kubernetes/AnomalousBehavior.RoleBindingCreated
Execution:Kubernetes/AnomalousBehavior.ExecInPod
PrivilegeEscalation:Kubernetes/AnomalousBehavior.WorkloadDeployed!PrivilegedContainer
PrivilegeEscalation:Kubernetes/AnomalousBehavior.WorkloadDeployed!ContainerWithSensitiveMount
Execution:Kubernetes/AnomalousBehavior.WorkloadDeployed
PrivilegeEscalation:Kubernetes/AnomalousBehavior.RoleCreated
Discovery:Kubernetes/AnomalousBehavior.PermissionChecked

Documentation for Amazon GuardDuty

Amazon GuardDuty documentation.

Export-Controlled Content

For AWS Services architected within the AWS GovCloud (US) Regions, the following list explains how certain components of data may leave the AWS GovCloud (US) Regions in the normal course of the service offerings. The list can be used as a guide to help meet applicable customer compliance obligations. Data not included in the following list remains within the AWS GovCloud (US) Regions.

This service can generate metadata from customer-defined configurations. AWS suggests customers do not enter export-controlled information in console fields, descriptions, resource names, and tagging information.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Amazon FSx

Amazon Inspector Classic