Steampipe MCP Server →
Steampipe Hub 
Hub
Plugins
turbot/aws
Overview
569
Tables
2,966
QueriesPowerpipeModsGitHub

Query: GuardDuty EC2 runtime monitoring should be enabled

Description

This control checks whether the Amazon GuardDuty automated security agent is enabled for runtime monitoring of Amazon EC2 instances. For a standalone account, the control fails if the security agent is disabled for the account. In a multi-account environment, the control fails if the security agent is disabled for the delegated GuardDuty administrator account and all member accounts.

Query

Tables used in this query:

Controls using this query:

SQL