Disable Malware Protection for S3 for a protected bucket
When you disable Malware Protection for S3 for a protected bucket, GuardDuty deletes the Malware Protection plan ID associated with that bucket. GuardDuty will no longer start a malware scan when a new object gets uploaded to this bucket or one of the selected object prefixes.
If you have enabled GuardDuty and now want to suspend or disable GuardDuty, see Suspending or disabling GuardDuty. Because there is no concept of detector ID in Malware Protection for S3, disabling or suspending GuardDuty doesn't impact the status of a protected bucket in your account. You can continue using Malware Protection for S3 feature independently with the associated standard pricing. For more information, see Viewing usage and cost for Malware Protection for S3. To stop using Malware Protection for S3, you will need to disable it for all the protected buckets in your account. If you want to continue using GuardDuty and disable only Malware Protection for S3 for a bucket, the following steps are not going to impact the configuration of the GuardDuty service and other protection plans that you may have enabled.
To disable Malware Protection for S3 for a protected bucket
Sign in to the AWS Management Console and open the GuardDuty console at https://console.aws.amazon.com/guardduty/
. -
In the navigation pane, choose Malware Protection for S3.
-
Under Protected buckets, select the bucket for which you want to disable Malware Protection for S3.
You can select only one protected bucket at a time. To disable Malware Protection for S3 for more than one bucket, follow these steps again for another S3 bucket.
-
Choose Disable.
-
Choose Disable to confirm the selection.
