AWS guardduty documentation change
Summary
Clarified how GuardDuty accesses VPC flow log data, emphasizing that users don't need to create or configure VPC flow logs for GuardDuty to access this data
Security assessment
This is a documentation clarification about how GuardDuty, a security monitoring service, collects VPC flow log data. The change improves understanding of the service's data collection mechanism but doesn't address any security vulnerability or incident.
Diff
diff --git a/guardduty/latest/ug/guardduty_data-sources.md b/guardduty/latest/ug/guardduty_data-sources.md index 504ec3f0c..ec68a3fef 100644 --- a//guardduty/latest/ug/guardduty_data-sources.md +++ b//guardduty/latest/ug/guardduty_data-sources.md @@ -65 +65 @@ The VPC Flow Logs feature of Amazon VPC captures information about the IP traffi -When you enable GuardDuty, it immediately starts analyzing your VPC flow logs from Amazon EC2 instances within your account. It consumes VPC flow log events directly from the VPC Flow Logs feature through an independent and duplicate stream of flow logs. This process does not affect any of your existing flow logs configuration. +When you enable GuardDuty, it immediately starts analyzing VPC flow log data from Amazon EC2 instances within your account. GuardDuty consumes this data through an independent and duplicate stream of flow logs. You don't need to create or configure VPC flow logs in your account for GuardDuty to access this data. This process does not affect any of your existing flow logs configuration.