Amazon GuardDuty Regions and endpoints
To view the AWS Regions where Amazon GuardDuty is available, see Amazon GuardDuty endpoints in the Amazon Web Services General Reference.
We recommend that you enable GuardDuty in all supported AWS Regions. This enables GuardDuty to generate findings about unauthorized or unusual activity even in Regions that you are not actively using. This also allows GuardDuty to monitor AWS CloudTrail events for the supported AWS Regions, its ability to detect activity that involves global services is reduced.
Region-specific feature availability
A list of regional differences to specify the availability of GuardDuty features.
- ListFindings and GetFindingsStatistics APIs
-
The GetFindingsStatistics and ListFindings APIs have a temporary
consoleOnlyflag. When you use any or both of these APIs, theconsoleOnlyflag means that the API can fetch results to a maximum limit of 1000. - GuardDuty features with Region disparity
-
- Malware Protection for EC2
-
GuardDuty supports the Malware Protection for EC2 feature in the AWS Dedicated Local Zones
.
- General API support
-
The following APIs in the Amazon GuardDuty API Reference may have regional differences because of the unavailability of some of the data sources or features in previously specified AWS Regions:
- Amazon EC2 finding types – DefenseEvasion:EC2/UnusualDoHActivity and DefenseEvasion:EC2/UnusualDoTActivity
-
The following table shows the AWS Regions where GuardDuty is available but these two Amazon EC2 finding types are not yet supported.
AWS Region
Region code
Asia Pacific (Seoul)
ap-northeast-2
Asia Pacific (Osaka)
ap-northeast-3
Asia Pacific (Jakarta)
ap-southeast-3
- AWS GovCloud (US) Regions
-
For latest information, see Amazon GuardDuty in the AWS GovCloud (US) User Guide.
- China Regions
-
For latest information, see Feature availability and implementation differences
.
