Regions and endpoints

To view the AWS Regions where Amazon GuardDuty is available, see Amazon GuardDuty endpoints in the Amazon Web Services General Reference.

We recommend that you enable GuardDuty in all supported AWS Regions. This enables GuardDuty to generate findings about unauthorized or unusual activity even in Regions that you are not actively using. This also allows GuardDuty to monitor AWS CloudTrail events for the supported AWS Regions, its ability to detect activity that involves global services is reduced.

Region-specific feature availability

A list of regional differences to specify the availability of GuardDuty features.

Amazon EC2 finding types – DefenseEvasion:EC2/UnusualDoHActivity and DefenseEvasion:EC2/UnusualDoTActivity

The following table shows the AWS Regions where GuardDuty is available but these two Amazon EC2 finding types are not yet supported.

AWS Region	Region code
Asia Pacific (Seoul)	ap-northeast-2
Asia Pacific (Osaka)	ap-northeast-3
Asia Pacific (Jakarta)	ap-southeast-3

GuardDuty features with Region disparity – GuardDuty RDS Protection

The following list specifies the AWS Regions where RDS Protection is not yet supported:

Asia Pacific (Hyderabad)
Europe (Spain)
Europe (Zurich)
Middle East (UAE)
Israel (Tel Aviv)
Asia Pacific (Melbourne)

The following APIs in the Amazon GuardDuty API Reference may have regional differences because of the unavailability of some of the data sources or features in previously specified AWS Regions:

AWS GovCloud (US) Regions

For latest information, see Amazon GuardDuty in the AWS GovCloud (US) User Guide.

China Regions

For latest information, see Feature availability and implementation differences.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Troubleshooting

Legacy actions and parameters