:doc:`GuardDuty <../../guardduty>` / Client / create_malware_protection_plan

******************************
create_malware_protection_plan
******************************



.. py:method:: GuardDuty.Client.create_malware_protection_plan(**kwargs)

  

  Creates a new Malware Protection plan for the protected resource.

   

  When you create a Malware Protection plan, the Amazon Web Services service terms for GuardDuty Malware Protection apply. For more information, see `Amazon Web Services service terms for GuardDuty Malware Protection <http://aws.amazon.com/service-terms/#87._Amazon_GuardDuty>`__.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/CreateMalwareProtectionPlan>`_  


  **Request Syntax**
  ::

    response = client.create_malware_protection_plan(
        ClientToken='string',
        Role='string',
        ProtectedResource={
            'S3Bucket': {
                'BucketName': 'string',
                'ObjectPrefixes': [
                    'string',
                ]
            }
        },
        Actions={
            'Tagging': {
                'Status': 'ENABLED'|'DISABLED'
            }
        },
        Tags={
            'string': 'string'
        }
    )
    
  :type ClientToken: string
  :param ClientToken: 

    The idempotency token for the create request.

    This field is autopopulated if not provided.

  
  :type Role: string
  :param Role: **[REQUIRED]** 

    Amazon Resource Name (ARN) of the IAM role that has the permissions to scan and add tags to the associated protected resource.

    

  
  :type ProtectedResource: dict
  :param ProtectedResource: **[REQUIRED]** 

    Information about the protected resource that is associated with the created Malware Protection plan. Presently, ``S3Bucket`` is the only supported protected resource.

    

  
    - **S3Bucket** *(dict) --* 

      Information about the protected S3 bucket resource.

      

    
      - **BucketName** *(string) --* 

        Name of the S3 bucket.

        

      
      - **ObjectPrefixes** *(list) --* 

        Information about the specified object prefixes. The S3 object will be scanned only if it belongs to any of the specified object prefixes.

        

      
        - *(string) --* 

        
    
    
  
  :type Actions: dict
  :param Actions: 

    Information about whether the tags will be added to the S3 object after scanning.

    

  
    - **Tagging** *(dict) --* 

      Indicates whether the scanned S3 object will have tags about the scan result.

      

    
      - **Status** *(string) --* 

        Indicates whether or not the tags will added.

        

      
    
  
  :type Tags: dict
  :param Tags: 

    Tags added to the Malware Protection plan resource.

    

  
    - *(string) --* 

    
      - *(string) --* 

      


  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'MalwareProtectionPlanId': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **MalwareProtectionPlanId** *(string) --* 

        A unique identifier associated with the Malware Protection plan resource.

        
  
  **Exceptions**
  
  *   :py:class:`GuardDuty.Client.exceptions.BadRequestException`

  
  *   :py:class:`GuardDuty.Client.exceptions.AccessDeniedException`

  
  *   :py:class:`GuardDuty.Client.exceptions.ConflictException`

  
  *   :py:class:`GuardDuty.Client.exceptions.InternalServerErrorException`

  