Malware Protection for EC2 quotas - Amazon GuardDuty

Malware Protection for EC2 quotas

This section includes the quotas associated with using Malware Protection for EC2. For quotas associated with GuardDuty, see GuardDuty quotas.

The following table provides default availability of varied resources when you use Malware Protection for EC2.

Scope Default Comments

Extraction and analysis of data in compressed or archived file

5

The maximum number of nested levels allowed in an archived file.

Number of files within an archived file

1000

The maximum number of files that can be scanned within an archive. This count is the sum of the number of files extracted from the archive and the number of files extracted from all the nested archives.

Number of threats

32

The maximum number of threats that you can view in the findings panel. GuardDuty Malware Protection for EC2 may have detected more threat names. If the number of detected threat names is higher than the default value, you can view the JSON details by selecting the Finding ID under the finding name in the details panel of the GuardDuty console.

Number of files per detected threat

5

The maximum number of files identified per detected threat. For example, if GuardDuty detects 10 files associated with a single threat, the threat will display a maximum of 5 files.

EBS volumes per scan per instance

11

The maximum number of EBS volumes that GuardDuty can scan per EC2 instance. If there are more than 11 EBS volumes that need to be scanned, GuardDuty Malware Protection for EC2 sorts the deviceName alphabetically, and selects the first 11 EBS volumes.

EBS volume size

2048 GB

Associated with an Amazon EC2 instance and container workload, GuardDuty Malware Protection for EC2 can scan each Amazon EBS volume that is up to 2048 GB in size. This quota applies to each AWS Region where the support for Malware Protection for EC2 is available.

Supported file system types

GuardDuty Malware Protection for EC2 can scan the following file system types:

  • New Technology File System (NTFS)

  • X File System (XFS)

  • Second extended (ext2) File System

  • Fourth extended (ext4) File System

  • File Allocation Table (FAT) File System

  • Virtual File Allocation Table (VFAT) File System

N/A.

Scan options tags

50

The maximum number of resource tags that you can add to customize your malware scan options setting. For more information, see Scan options with user-defined tags.

Finding retention period

90

The maximum number of days that GuardDuty retains a finding. For the latest information, see Amazon GuardDuty quotas.

Malware scan retention period

90

The maximum number of days that GuardDuty Malware Protection for EC2 retains the history of a scan. For more information on viewing recent malware scans, see Monitoring scan statuses and results in Malware Protection for EC2.

Transactions per second (TPS) for On-demand malware scan

1

The number of On-demand malware scan requests that can be initiated per second in each Region.

Burst limit for On-demand malware scan

1

The number of concurrent malware On-demand malware scan requests that can be initiated per second in each Region.