From d640086112fa7900ae977da826434a4a67bb87a8 Mon Sep 17 00:00:00 2001
From: gabrielsoltz
Date: Thu, 6 Jun 2019 21:26:10 +0100
Subject: [PATCH] add guardduty regions
---
 checks/check_extra713 | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/checks/check_extra713 b/checks/check_extra713
index cb0f8d5d..ecd5239e 100644
--- a/checks/check_extra713
+++ b/checks/check_extra713
@@ -17,8 +17,17 @@ CHECK_TYPE_extra713="EXTRA"
 CHECK_ALTERNATE_check713="extra713"
 
 extra713(){
+
+ # Guardduty Regions are not the same as REGIONS
+ PYTHON=$(which python)
+ if [ ! -z "${PYTHON}" ]; then
+ GD_REGIONS=$($PYTHON -c "import boto3 ; session = boto3.session.Session() ; print (session.get_available_regions('guardduty'))")
+ else
+ GD_REGIONS=$REGIONS
+ fi
+
 # "Check if GuardDuty is enabled (Not Scored) (Not part of CIS benchmark)"
- for regx in $REGIONS; do
+ for regx in $GD_REGIONS; do
 LIST_OF_GUARDDUTY_DETECTORS=$($AWSCLI guardduty list-detectors $PROFILE_OPT --region $regx --output text 2> /dev/null | cut -f2)
 if [[ $LIST_OF_GUARDDUTY_DETECTORS ]];then
 while read -r detector;do
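Review bot: The `GD_REGIONS` assignment prints the Python list object itself, so `for regx in $GD_REGIONS` iterates over tokens of the form `['<region>',` with brackets, quotes and commas attached rather than bare region names. Because the `list-detectors` call sends stderr to `/dev/null`, the resulting `--region` errors are hidden, and the check may then report no detector for every region; the reporting branch is outside this hunk, so that outcome is inferred. Printing a space-joined string fixes the parsing: `print(' '.join(session.get_available_regions('guardduty')))`. The fallback also only covers a missing interpreter: if `python` is found but `boto3` fails to import, `GD_REGIONS` is empty and the loop runs zero times, so the check emits nothing; adding `[ -n "$GD_REGIONS" ] || GD_REGIONS=$REGIONS` after the `fi` would cover that case. The body of `extra713` continues past the end of the hunk.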