#!/bin/bash

# A script to enable AWS GuardDuty and then clean up using AWS CLI.

# --- Configuration ---
REGION="us-east-1"

# --- 1. Create GuardDuty Detector ---
echo "--- Creating GuardDuty Detector ---"
DETECTOR_ID=$(aws guardduty create-detector \
  --enable \
  --region $REGION \
  --query 'DetectorId' --output text)

echo "GuardDuty Detector created with ID: $DETECTOR_ID"

# --- 2. Output Detector ID ---
echo -e "\n--- GuardDuty Enabled Successfully! ---"
echo "Detector ID: $DETECTOR_ID"
echo "GuardDuty is now monitoring your AWS account for malicious activity."

read -p "Press Enter to delete the GuardDuty Detector..."

# --- Clean Up ---
echo -e "\n--- Cleaning up resources ---"

# Delete GuardDuty Detector
echo "Deleting GuardDuty Detector '$DETECTOR_ID'வுகளை..."
aws guardduty delete-detector \
  --detector-id $DETECTOR_ID \
  --region $REGION

echo "GuardDuty Detector deleted."

echo -e "\n--- GuardDuty demonstration and cleanup complete ---"