AWS guardduty documentation change
Summary
Added important note about at-least-once delivery and handling duplicate scan results
Security assessment
The added note informs users about potential duplicate scan results and billing implications, which is part of the operational details of a security feature but does not address a specific security vulnerability.
Diff
diff --git a/guardduty/latest/ug/how-malware-protection-for-s3-gdu-works.md b/guardduty/latest/ug/how-malware-protection-for-s3-gdu-works.md index 72ea373a3..4c9b6e3c6 100644 --- a//guardduty/latest/ug/how-malware-protection-for-s3-gdu-works.md +++ b//guardduty/latest/ug/how-malware-protection-for-s3-gdu-works.md @@ -58,0 +59,4 @@ GuardDuty publishes the S3 object scan result event to Amazon EventBridge defaul +###### Important + +GuardDuty uses at-least-once delivery, which means you might receive multiple scan results for the same object. We recommend designing your applications to handle duplicate results. You're billed only once for each scanned object. +