GuardDuty agent release history - Amazon GuardDuty

GuardDuty agent release history

The following sections provide the release version for GuardDuty agent that gets deployed on Amazon EC2 instances, Amazon ECS clusters, and Amazon EKS clusters


    Agent version

    Release notes

    Availability date


    Supports GuardDuty automated agent configuration in Runtime Monitoring for Amazon EC2 instances.

    Supports new security signals and findings released with the announcement of general availability of Runtime Monitoring for EC2 instances.

    General performance improvement.

    March 26, 2024


    Supports the latest Amazon ECS AMIs.

    February 2, 2024


    General performance tuning and enhancements

    Agent versions released prior to v1.0.2 are incompatible with Amazon ECS AMIs launched after January 31, 2024.

    January 23, 2024

    Initial release of the RPM installation.

    Agent versions released prior to v1.0.2 are incompatible with Amazon ECS AMIs launched after January 31, 2024.

    November 26, 2023

    The public key, signature of x86_64 RPM, signature of arm64 RPM, and the corresponding access link to the RPM scripts hosted in Amazon S3 buckets can be formed from the following templates. Replace the value of the AWS Region, AWS account ID, and the GuardDuty agent version to access the RPM scripts. The following templates include the latest agent version for Amazon EC2 instances.

    • Public key:

    • GuardDuty security agent RPM signature:

      Signature of x86_64 RPM
      Signature of arm64 RPM
    • Access links to the RPM scripts in Amazon S3 bucket:

      Access link for x86_64 RPM
      Access link for arm64 RPM
    AWS Region Region name AWS account ID
    eu-west-1 Europe (Ireland) 694911143906
    us-east-1 US East (N. Virginia) 593207742271
    us-east-2 US East (Ohio) 733349766148
    eu-west-3 Europe (Paris) 665651866788
    us-east-2 US East (Ohio) 307168627858
    eu-central-1 Europe (Frankfurt) 323658145986
    ap-northeast-2 Asia Pacific (Seoul) 914738172881
    eu-north-1 Europe (Stockholm) 591436053604
    ap-east-1 Asia Pacific (Hong Kong) 258348409381
    me-south-1 Middle East (Bahrain) 536382113932
    eu-west-2 Europe (London) 892757235363
    ap-northeast-1 Asia Pacific (Tokyo) 533107202818
    ap-southeast-1 Asia Pacific (Singapore) 174946120834
    ap-south-1 Asia Pacific (Mumbai) 251508486986
    ap-southeast-3 Asia Pacific (Jakarta) 510637619217
    sa-east-1 South America (São Paulo) 758426053663
    ap-northeast-3 Asia Pacific (Osaka) 273192626886
    eu-south-1 Europe (Milan) 266869475730
    af-south-1 Africa (Cape Town) 197869348890
    ap-southeast-2 Asia Pacific (Sydney) 005257825471
    me-central-1 Middle East (UAE) 000014521398
    us-west-1 US West (N. California) 684579721401
    ca-central-1 Canada (Central) 354763396469
    ap-south-2 Asia Pacific (Hyderabad) 950823858135
    eu-south-2 Europe (Spain) 919611009337
    eu-central-2 Europe (Zurich) 529164026651
    ap-southeast-4 Asia Pacific (Melbourne) 251357961535
    il-central-1 Israel (Tel Aviv) 870907303882

    The following table shows the release version history for the GuardDuty security agent for Fargate (Amazon ECS only).

    Agent version

    Container image

    Release notes

    Availability date


    x86_64 (AMD64): sha256:83ce3cf2ef85a349ed1797a8cf30a008ac5d8c9f673f2835823957e9dcf71657

    Graviton (ARM64): sha256:0d4b61648d7bdeab8ab8d94684f805498927c7d437d318204dcccfe8c9383dc7

    Supports new security signals and findings

    General performance tuning and enhancements

    May 01, 2024


    x86_64 (AMD64): sha256:9f8cd438fb66f62d09bfc641286439f7ed5177988a314a6021ef4ff880642e68

    Graviton (ARM64): sha256:82c66bb615bd0d1e96db77b1f1fb51dc03220caa593b1962249571bf7147d1b7

    General performance tuning and enhancements

    January 26, 2024


    x86_64 (AMD64): sha256:359b8b014e5076c625daa1056090e522631587a7afa3b2e055edda6bd1141017

    Graviton (ARM64): sha256:b9438690fa8a86067180a11658bec0f4f838ae3fbd225d04b9306250648b3984

    Initial release of GuardDuty security agent for AWS Fargate (Amazon ECS only).

    November 26, 2023

    The following table shows the release version history of Amazon EKS add-on GuardDuty agent.

    Agent version

    Container image

    Release notes

    Availability date

    End of standard support1


    x86_64 (AMD64): sha256:30650708a6601f6d6b9046f54b30f5fd65af296b1e40b8c24426b9bdb07c3ab1

    Graviton (ARM64): sha256:5f637c42ffb306b20f776d9d83e1e0b4be40ce245be44afcf43a8902b4d71019

    General performance tuning and enhancements.

    May 14, 2024


    x86_64 (AMD64): sha256:7dabcbee30d8b053676752fbc19e89f77272d9a6a53cc93731f5872180ef9010

    Graviton (ARM64): sha256:9710f53afccdf4f22b265a1a6fc27f1469403af1f7d5d08c4869a7269cdd2650

    April 29, 2024


    x86_64 (AMD64): sha256:e09a4e70af4058a212f172cc8eb3fc23ad9bed547ed609faa2bb82cf7cc5532d

    Graviton (ARM64): sha256:afc9a3f8f17ae12499d76069efcf1b46271a5a4b2b3f6ba5de54637b8f55d5c6

    • General performance tuning and enhancements.

    • Security enhancements including new event types under Collected runtime event types.

    • Performance enhancements around CPU usage.

    March 07, 2024


    x86_64 (AMD64): sha256:66d491927763742660faa87cc2c39bb97b7873039157ae8b90bc999cb73d0b9c

    Graviton (ARM64): sha256:537a330b2dd82357024fb6daeb8761034b7defd43b10dffe0792c9e6d0778b40

    General performance tuning and enhancements.

    January 16, 2024


    x86_64 (AMD64): sha256:848ce13d9430bad554ac23d4699551505326ada2a88e1a721fe9f86b56b52c0f

    Graviton (ARM64): sha256:0c650aeafeeb5f2bcb8b989ac849bedc1fae1a4de1cf6306ffdd9c6aebe67f8e

    Manifest mount point support better data collection

    AppArmor configuration in manifest

    Collect command line argument

    General performance tuning and enhancements

    December 21, 2023


    x86_64 (AMD64): sha256:55578fcb7b73097ade5c8404390ef16cf76a7b568490abaae01ac75992b3ea29

    Graviton (ARM64): sha256:e3ce8d66ac2121f8d476eb58f8bc50ab51336647615eb7cf514c21421cb818fd

    Important security patches and updates.

    October 23, 2023


    x86_64 (AMD64): sha256:6dace2337dfbb7609811be89fb4b23ae0b865f1027ad78fbe69530bfbd46c694

    Graviton (ARM64): sha256:4928a7c6ef40e77c8ec95841323bb9a110db31f12c0ee7ab965e08b43efd01bb

    Supports Ubuntu platform

    Supports Kubernetes version 1.28

    General performance enhancements and stability improvement.

    October 05, 2023


    x86_64 (AMD64): sha256:d610413d662ec042057f05d6942496d7f2c08e9f5a077ea307ffdb5d3f11bcc3

    Graviton (ARM64): sha256:174d7ab28b2f95e5309da80d95b88ad26f602dfe72c2b351a0ef9297a1412bfa

    In addition to AMD64-based instances, v1.2.0 now also supports ARM64-based instances. Added and verified support for Bottlerocket

    Supports Kubernetes version 1.27

    General performance enhancements and stability improvements.

    June 16, 2023



    In addition to Kubernetes versions supported by GuardDuty security agent, this agent release also supports Kubernetes version 1.26.

    General performance enhancements and stability improvements.

    May 2, 2023

    May 14, 2024



    Initial release of Amazon EKS add-on agent.

    March 30, 2023

    May 14, 2024