Required IAM permissions Additional information

Amazon GuardDuty agent

The Amazon GuardDuty agent Amazon EKS add-on is is a security monitoring service that analyzes and processes foundational data sources including AWS CloudTrail management events and Amazon VPC flow logs. Amazon GuardDuty also processes features, such as Kubernetes audit logs and runtime monitoring.

The Amazon EKS add-on name is aws-guardduty-agent.

Required IAM permissions

This add-on doesn't require any permissions.

Additional information

For more information, see Runtime Monitoring for Amazon EKS clusters in Amazon GuardDuty.

To detect potential security threats in your Amazon EKS clusters, enable Amazon GuardDuty runtime monitoring and deploy the GuardDuty security agent to your Amazon EKS clusters.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AWS Distro for OpenTelemetry

Amazon CloudWatch Observability agent