Removing Runtime Monitoring from an Amazon ECS cluster
You can remove Runtime Monitoring from a cluster. This causes GuardDuty to stop monitoring all resources in the cluster.
To remove Runtime Monitoring from a cluster
-
Use the Amazon ECS console or AWS CLI to set the
GuardDutyManaged
tag key on the cluster tofalse
. For more information, see Updating a cluster or Working with tags using the CLI or API.Note
The Key and Value are case sensitive and must exactly match the strings.
Key =
GuardDutyManaged
, Value =false
-
Uninstall the GuardDuty security agent on you EC2 container instances in the cluster.
For more information, see Uninstalling the security agent manually in the GuardDuty User Guide.
-
Delete the GuardDuty VPC endpoint for each cluster VPC. For more information about how to delete VPC endpoints, see Delete an interface endpoint in the AWS PrivateLink User Guide.