One S3 bucket is needed for this project. The example S3 bucket created in the following steps is named "my-aws-lambda-guardduty". The bucket name is also used in some configuration steps. Due to bucket naming limitations in the S3 service, each bucket should have a globally unique name. Therefore, your bucket should have a different name than the example's. Write down your bucket name, since it is used in other configuration steps.
Create the S3 bucket to store the IP block list. In this example, the bucket is named my-aws-lambda-guardduty. This bucket is required to run this project. Although bucket creation is region-specific, once created, the bucket can be accessed from any region. Do not grant the bucket public access permissions. The Lambda function points to this bucket through its S3_BUCKET environment variable.