Get your AWS GuardDuty Credentials
There are two options for entitling Cloud Exchange to pull IoC information from your GuardDuty service: using an access/secret key, or an AWS session token. AWS recommends the latter when Cloud Exchange is running in an AWS environment.
Log in to your AWS Console.
Click on the top right corner; you will see a screen similar to that shown below.
Scroll down and you’ll see the “Create access key” button as shown below.
Click Create access key. AWS will automatically create an access key and secret access key to use in Threat Exchange.
Copy the Access and Secret access keys.
Note
The Secret access key will only be shown once, so store it in a safe location for later use
You can obtain a session token via API or through the SDK. Refer to the links below:
https://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html
Open the AWS GuardDuty console.
Go to Settings.
Copy the Detector ID for later use.