Hello ,

Thank you for posting your question on the AWS Repost, my name is Rochak and it will be a pleasure assisting you with this today.

I understand you would like to know how you can get all of the detectors that are enabled in your environment. Please, let me know if my understanding is incorrect.

“ Get Detector” API call retrieves an Amazon GuardDuty detector specified by the detectorId. Please note that there might be regional differences because some data sources might not be available in all the AWS Regions where GuardDuty is presently supported. [1][2]

If you don’t know the detector id, please use “list-detectors” for this. This will lists detectorIds of all the existing Amazon GuardDuty detector resources. list-detectors is a paginated operation. Multiple API calls may be issued in order to retrieve the entire data set of results. You can disable pagination by providing the --no-paginate argument. When using --output text and the --query argument on a paginated response, the --query argument must extract data from the results of the following query expressions: DetectorIds [3]

The AWS::GuardDuty::Detector resource specifies a new GuardDuty detector. A detector is an object that represents the GuardDuty service. A detector is required for GuardDuty to become operational. Make sure you use either DataSources or Features in a one request, and not both.[4]

I hope this helps. If you need further info, let me know in the comments; otherwise I'd appreciate if you mark my answer as "accepted".

Kind regards, Rochak from AWS

References:

[1] Get Detector https://docs.aws.amazon.com/guardduty/latest/APIReference/API_GetDetector.html

[2] GuardDuty regions and endpoints https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_regions.html

[3] list-detectors GuardDuty https://docs.aws.amazon.com/cli/latest/reference/guardduty/list-detectors.html

[4] AWS GuardDuty Detector https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-guardduty-detector.html

aws guardduty list-detectors lists the available detectors in your current AWS region. You can loop this through list of regions on shell or in python.