GuardDuty / Client / create_malware_protection_plan



Creates a new Malware Protection plan for the protected resource.

When you create a Malware Protection plan, the Amazon Web Services service terms for GuardDuty Malware Protection apply. For more information, see Amazon Web Services service terms for GuardDuty Malware Protection.

See also: AWS API Documentation

Request Syntax

response = client.create_malware_protection_plan(
        'S3Bucket': {
            'BucketName': 'string',
            'ObjectPrefixes': [
        'Tagging': {
            'Status': 'ENABLED'|'DISABLED'
        'string': 'string'
  • ClientToken (string) –

    The idempotency token for the create request.

    This field is autopopulated if not provided.

  • Role (string) –


    IAM role with permissions required to scan and add tags to the associated protected resource.

  • ProtectedResource (dict) –


    Information about the protected resource that is associated with the created Malware Protection plan. Presently, S3Bucket is the only supported protected resource.

    • S3Bucket (dict) –

      Information about the protected S3 bucket resource.

      • BucketName (string) –

        Name of the S3 bucket.

      • ObjectPrefixes (list) –

        Information about the specified object prefixes. The S3 object will be scanned only if it belongs to any of the specified object prefixes.

        • (string) –

  • Actions (dict) –

    Information about whether the tags will be added to the S3 object after scanning.

    • Tagging (dict) –

      Indicates whether the scanned S3 object will have tags about the scan result.

      • Status (string) –

        Indicates whether or not the tags will added.

  • Tags (dict) –

    Tags added to the Malware Protection plan resource.

    • (string) –

      • (string) –

Return type:



Response Syntax

    'MalwareProtectionPlanId': 'string'

Response Structure

  • (dict) –

    • MalwareProtectionPlanId (string) –

      A unique identifier associated with the Malware Protection plan resource.


  • GuardDuty.Client.exceptions.BadRequestException

  • GuardDuty.Client.exceptions.AccessDeniedException

  • GuardDuty.Client.exceptions.ConflictException

  • GuardDuty.Client.exceptions.InternalServerErrorException