Enabled GuardDuty with Terraform but It's Not Active

Hello Terraform Support Team,

I am writing to report an issue I encountered while trying to enable AWS GuardDuty using Terraform. I followed the official documentation and implemented the configuration, but for some reason, GuardDuty is not being enabled.

resource "aws_guardduty_detector" "default" {
  enable = true
}

Terraform version: 1.3.6
AWS Provider version: 5.47.0

When I run terraform apply, it completes successfully, but when I check the AWS Management Console, GuardDuty is not enabled.

Could you please assist me in identifying if this is a bug or if there is something I might be missing in my configuration?

Your bare-bones definition would only enable the classic monitoring and feedback reporting features of GuardDuty, which is indicated by the fact that you are seeing the full menu in the Console (otherwise you’ll see the page that asks you to enable GuardDuty). Anything listed under Protection plans requires additional configuration, either via the aws_guardduty_detector_feature resource (preferred) or as configuration blocks in the aws_guardduty_detector resource.

I have an example on enabling GuardDuty and the protection plans in my blog post about implementing SSB in Terraform. There’s another blog post for managing GuardDuty in AWS Organizations. Feel free to take a look if you are interested.

2 Likes
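A configuration along the lines the answer above describes, added here as an example (it is not code from the thread or from the linked blog posts). The resource labels, the local name, the output name and the particular set of protection plans are assumptions; pick the plans you actually want to pay for.

```hcl
# Added example. The detector alone turns on foundational GuardDuty monitoring;
# each protection plan is a separate aws_guardduty_detector_feature resource.
resource "aws_guardduty_detector" "default" {
  enable = true
}

locals {
  # Assumed selection of protection plans, using the feature names
  # accepted by the aws_guardduty_detector_feature "name" argument.
  guardduty_features = toset([
    "S3_DATA_EVENTS",
    "EKS_AUDIT_LOGS",
    "EBS_MALWARE_PROTECTION",
    "RDS_LOGIN_EVENTS",
    "LAMBDA_NETWORK_LOGS",
  ])
}

# One feature resource per plan, all attached to the same detector.
resource "aws_guardduty_detector_feature" "plans" {
  for_each = local.guardduty_features

  detector_id = aws_guardduty_detector.default.id
  name        = each.value
  status      = "ENABLED"
}

# GuardDuty is a regional service: the detector exists only in the region
# of the AWS provider that created it, so export the ID for verification.
output "guardduty_detector_id" {
  value = aws_guardduty_detector.default.id
}
```

After `terraform apply`, running `aws guardduty get-detector --detector-id <id>` against the same region as the provider shows the detector status and the status of each feature, which is a quicker check than the Console.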