AWS CLI で Amazon GuardDuty の EKS ランタイムモニタリングを有効化・無効化する
2023 年 3 月に Amazon GuardDuty において EKS ランタイムモニタリング機能が提供開始されました。この機能を全てのリージョンで有効化・無効化を試す機会がありましたので、備忘録を兼ねてブログにします。AWS CLI で設定しています。
先にコマンドだけ記載
単一リージョンと全てのリージョンで EKS ランタイムモニタリングとエージェントを自動的に関する機能を有効化するコマンドです。
有効化コマンドにおいてEKS_ADDON_MANAGEMENTをDISABLEDに書き換えることで「エージェントを自動的に管理する」を無効として設定できます。
単一リージョンの EKS ランタイムモニタリングの有効化コマンド
detector=$(aws guardduty list-detectors --query "DetectorIds[0]" --output text)
aws guardduty update-detector \
--detector-id ${detector} \
--features '{"Name":"EKS_RUNTIME_MONITORING","Status":"ENABLED","AdditionalConfiguration":[{"Name":"EKS_ADDON_MANAGEMENT","Status":"ENABLED"}]}'
単一リージョンの EKS ランタイムモニタリングの無効化コマンド
detector=$(aws guardduty list-detectors --query "DetectorIds[0]" --output text)
aws guardduty update-detector \
--detector-id ${detector} \
--features '{"Name":"EKS_RUNTIME_MONITORING","Status":"DISABLED","AdditionalConfiguration":[{"Name":"EKS_ADDON_MANAGEMENT","Status":"DISABLED"}]}'
単一リージョンの EKS ランタイムモニタリングの設定状況確認コマンド
detector=$(aws guardduty list-detectors --query "DetectorIds[0]" --output text)
aws guardduty get-detector \
--detector-id ${detector} \
--query "Features[7]"
全てのリージョンの EKS ランタイムモニタリングの有効化コマンド
aws ec2 describe-regions --query "Regions[].[RegionName]" --output text \
| while read region; do
echo "### Enable EKS runtime monitoring in ${region}"
detector=$(aws guardduty list-detectors --region ${region} --query "DetectorIds[0]" --output text)
aws guardduty update-detector \
--region ${region} \
--detector-id ${detector} \
--features '{"Name":"EKS_RUNTIME_MONITORING","Status":"ENABLED","AdditionalConfiguration":[{"Name":"EKS_ADDON_MANAGEMENT","Status":"ENABLED"}]}'
done
全てのリージョンの EKS ランタイムモニタリングの無効化コマンド
aws ec2 describe-regions --query "Regions[].[RegionName]" --output text \
| while read region; do
echo "### Disable EKS runtime monitoring in ${region}"
detector=$(aws guardduty list-detectors --region ${region} --query "DetectorIds[0]" --output text)
aws guardduty update-detector \
--region ${region} \
--detector-id ${detector} \
--features '{"Name":"EKS_RUNTIME_MONITORING","Status":"DISABLED","AdditionalConfiguration":[{"Name":"EKS_ADDON_MANAGEMENT","Status":"DISABLED"}]}'
done
全てのリージョンの EKS ランタイムモニタリングの設定状況確認コマンド
aws ec2 describe-regions --query "Regions[].[RegionName]" --output text \
| while read region; do
echo "### Get EKS runtime monitoring in ${region}"
detector=$(aws guardduty list-detectors --region ${region} --query "DetectorIds[0]" --output text)
aws guardduty get-detector \
--region ${region} \
--detector-id ${detector} \
--query "Features[7]"
done
AWS CLI で EKS ランタイムモニタリングを設定
Amazon GuardDuty が有効化されている環境で、単一リージョンと全てのリージョンの有効化・無効化設定を両方試しています。
EKS ランタイムモニタリングの有効化と無効化は次のコマンドで実行できます。オプションで EKS ランタイムモニタリングの設定を指定します。
単一リージョンの有効化・無効化
単一リージョンで EKS ランタイムモニタリングを有効化してみます。
EKS ランタイムモニタリングの有効化
次の AWS CLI コマンドで有効化できます。
detector=$(aws guardduty list-detectors --query "DetectorIds[0]" --output text)
aws guardduty update-detector \
--detector-id ${detector} \
--features '{"Name":"EKS_RUNTIME_MONITORING","Status":"ENABLED","AdditionalConfiguration":[{"Name":"EKS_ADDON_MANAGEMENT","Status":"ENABLED"}]}'
実行結果例です。エラーがない場合は出力内容はありません。
$ detector=$(aws guardduty list-detectors --query "DetectorIds[0]" --output text);
$ aws guardduty update-detector \
> --detector-id ${detector} \
> --features '{"Name":"EKS_RUNTIME_MONITORING","Status":"ENABLED","AdditionalConfiguration":[{"Name":"EKS_ADDON_MANAGEMENT","Status":"ENABLED"}]}'
featuresオプションで有効化する GuardDuty のオプション保護を指定できます。EKS ランタイムモニタリングの場合は次の JSON を渡すことで設定できます。
{
"Name" : "EKS_RUNTIME_MONITORING",
"Status" : "ENABLED",
"AdditionalConfiguration" : [
{
"Name" : "EKS_ADDON_MANAGEMENT",
"Status" : "ENABLED"
}
]
}
EKS_RUNTIME_MONITORINGが下記画像における「EKS ランタイムモニタリング」設定に該当し、EKS_ADDON_MANAGEMENTが「エージェントを自動的に管理する」設定に該当します。
次のコマンドで EKS ランタイムモニタリングの設定状況を確認できます。
detector=$(aws guardduty list-detectors --query "DetectorIds[0]" --output text)
aws guardduty get-detector \
--detector-id ${detector} \
--query "Features[7]"
実行結果例です。ENABLEDになっていることが確認できます。
$ detector=$(aws guardduty list-detectors --query "DetectorIds[0]" --output text)
$ aws guardduty get-detector \
> --detector-id ${detector} \
> --query "Features[7]"
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:47:24+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:47:24+00:00"
}
]
}
queryオプションで出力内容を EKS ランタイムモニタリングの設定に限定しています。
EKS ランタイムモニタリングの無効化
次の AWS CLI コマンドで無効化できます。
detector=$(aws guardduty list-detectors --query "DetectorIds[0]" --output text)
aws guardduty update-detector \
--detector-id ${detector} \
--features '{"Name":"EKS_RUNTIME_MONITORING","Status":"DISABLED","AdditionalConfiguration":[{"Name":"EKS_ADDON_MANAGEMENT","Status":"DISABLED"}]}'
実行結果例です。エラーがない場合は出力内容はありません。
$ detector=$(aws guardduty list-detectors --query "DetectorIds[0]" --output text)
$ aws guardduty update-detector \
> --detector-id ${detector} \
> --features '{"Name":"EKS_RUNTIME_MONITORING","Status":"DISABLED","AdditionalConfiguration":[{"Name":"EKS_ADDON_MANAGEMENT","Status":"DISABLED"}]}'
featuresオプションで指定している JSON です。
{
"Name" : "EKS_RUNTIME_MONITORING",
"Status" : "DISABLED",
"AdditionalConfiguration" : [
{
"Name" : "EKS_ADDON_MANAGEMENT",
"Status" : "DISABLED"
}
]
}
次のコマンドで EKS ランタイムモニタリングの設定状況を確認できます。
detector=$(aws guardduty list-detectors --query "DetectorIds[0]" --output text)
aws guardduty get-detector \
--detector-id ${detector} \
--query "Features[7]"
実行結果例です。DISABLEDになっていることが確認できます。
$ detector=$(aws guardduty list-detectors --query "DetectorIds[0]" --output text)
$ aws guardduty get-detector \
> --detector-id ${detector} \
> --query "Features[7]"
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T16:50:40+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T16:50:40+00:00"
}
]
}
全てのリージョンの有効化・無効化
全てのリージョンで EKS ランタイムモニタリングを有効化してみます。
EKS ランタイムモニタリングの有効化
次の AWS CLI コマンドで有効化できます。
aws ec2 describe-regions --query "Regions[].[RegionName]" --output text \
| while read region; do
echo "### Enable EKS runtime monitoring in ${region}"
detector=$(aws guardduty list-detectors --region ${region} --query "DetectorIds[0]" --output text)
aws guardduty update-detector \
--region ${region} \
--detector-id ${detector} \
--features '{"Name":"EKS_RUNTIME_MONITORING","Status":"ENABLED","AdditionalConfiguration":[{"Name":"EKS_ADDON_MANAGEMENT","Status":"ENABLED"}]}'
done
実行結果例です。
$ aws ec2 describe-regions --query "Regions[].[RegionName]" --output text \
> | while read region; do
> echo "### Enable EKS runtime monitoring in ${region}"
> detector=$(aws guardduty list-detectors --region ${region} --query "DetectorIds[0]" --output text)
> aws guardduty update-detector \
> --region ${region} \
> --detector-id ${detector} \
> --features '{"Name":"EKS_RUNTIME_MONITORING","Status":"ENABLED","AdditionalConfiguration":[{"Name":"EKS_ADDON_MANAGEMENT","Status":"ENABLED"}]}'
> done
### Enable EKS runtime monitoring in ap-south-1
### Enable EKS runtime monitoring in eu-north-1
### Enable EKS runtime monitoring in eu-west-3
### Enable EKS runtime monitoring in eu-west-2
### Enable EKS runtime monitoring in eu-west-1
### Enable EKS runtime monitoring in ap-northeast-3
### Enable EKS runtime monitoring in ap-northeast-2
### Enable EKS runtime monitoring in ap-northeast-1
### Enable EKS runtime monitoring in ca-central-1
### Enable EKS runtime monitoring in sa-east-1
### Enable EKS runtime monitoring in ap-southeast-1
### Enable EKS runtime monitoring in ap-southeast-2
### Enable EKS runtime monitoring in eu-central-1
### Enable EKS runtime monitoring in us-east-1
### Enable EKS runtime monitoring in us-east-2
### Enable EKS runtime monitoring in us-west-1
### Enable EKS runtime monitoring in us-west-2
実行コマンドの説明は上述の単一リージョンの設定に記載しています。
EKS ランタイムモニタリングの設定状況の確認コマンドです。
aws ec2 describe-regions --query "Regions[].[RegionName]" --output text \
| while read region; do
echo "### Get EKS runtime monitoring in ${region}"
detector=$(aws guardduty list-detectors --region ${region} --query "DetectorIds[0]" --output text)
aws guardduty get-detector \
--region ${region} \
--detector-id ${detector} \
--query "Features[7]"
done
実行結果例です(長いので折りたたんでいます)。
実行結果
$ aws ec2 describe-regions --query "Regions[].[RegionName]" --output text \
> | while read region; do
> echo "### Get EKS runtime monitoring in ${region}"
> detector=$(aws guardduty list-detectors --region ${region} --query "DetectorIds[0]" --output text)
> aws guardduty get-detector \
> --region ${region} \
> --detector-id ${detector} \
> --query "Features[7]"
> done
### Get EKS runtime monitoring in ap-south-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:11+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:11+00:00"
}
]
}
### Get EKS runtime monitoring in eu-north-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:16+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:16+00:00"
}
]
}
### Get EKS runtime monitoring in eu-west-3
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:20+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:20+00:00"
}
]
}
### Get EKS runtime monitoring in eu-west-2
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:23+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:23+00:00"
}
]
}
### Get EKS runtime monitoring in eu-west-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:28+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:28+00:00"
}
]
}
### Get EKS runtime monitoring in ap-northeast-3
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:31+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:31+00:00"
}
]
}
### Get EKS runtime monitoring in ap-northeast-2
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:33+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:33+00:00"
}
]
}
### Get EKS runtime monitoring in ap-northeast-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:35+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:35+00:00"
}
]
}
### Get EKS runtime monitoring in ca-central-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:40+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:40+00:00"
}
]
}
### Get EKS runtime monitoring in sa-east-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:44+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:44+00:00"
}
]
}
### Get EKS runtime monitoring in ap-southeast-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:47+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:47+00:00"
}
]
}
### Get EKS runtime monitoring in ap-southeast-2
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:49+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:49+00:00"
}
]
}
### Get EKS runtime monitoring in eu-central-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:54+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:54+00:00"
}
]
}
### Get EKS runtime monitoring in us-east-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:58+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:56:58+00:00"
}
]
}
### Get EKS runtime monitoring in us-east-2
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:57:01+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:57:01+00:00"
}
]
}
### Get EKS runtime monitoring in us-west-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:57:05+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:57:05+00:00"
}
]
}
### Get EKS runtime monitoring in us-west-2
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:57:07+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "ENABLED",
"UpdatedAt": "2023-07-25T16:57:07+00:00"
}
]
}
EKS ランタイムモニタリングの無効化
次の AWS CLI コマンドで無効化できます。
aws ec2 describe-regions --query "Regions[].[RegionName]" --output text \
| while read region; do
echo "### Disable EKS runtime monitoring in ${region}"
detector=$(aws guardduty list-detectors --region ${region} --query "DetectorIds[0]" --output text)
aws guardduty update-detector \
--region ${region} \
--detector-id ${detector} \
--features '{"Name":"EKS_RUNTIME_MONITORING","Status":"DISABLED","AdditionalConfiguration":[{"Name":"EKS_ADDON_MANAGEMENT","Status":"DISABLED"}]}'
done
実行結果例です。
$ aws ec2 describe-regions --query "Regions[].[RegionName]" --output text \
> | while read region; do
> echo "### Disable EKS runtime monitoring in ${region}"
> detector=$(aws guardduty list-detectors --region ${region} --query "DetectorIds[0]" --output text)
> aws guardduty update-detector \
> --region ${region} \
> --detector-id ${detector} \
> --features '{"Name":"EKS_RUNTIME_MONITORING","Status":"DISABLED","AdditionalConfiguration":[{"Name":"EKS_ADDON_MANAGEMENT","Status":"DISABLED"}]}'
> done
### Disable EKS runtime monitoring in ap-south-1
### Disable EKS runtime monitoring in eu-north-1
### Disable EKS runtime monitoring in eu-west-3
### Disable EKS runtime monitoring in eu-west-2
### Disable EKS runtime monitoring in eu-west-1
### Disable EKS runtime monitoring in ap-northeast-3
### Disable EKS runtime monitoring in ap-northeast-2
### Disable EKS runtime monitoring in ap-northeast-1
### Disable EKS runtime monitoring in ca-central-1
### Disable EKS runtime monitoring in sa-east-1
### Disable EKS runtime monitoring in ap-southeast-1
### Disable EKS runtime monitoring in ap-southeast-2
### Disable EKS runtime monitoring in eu-central-1
### Disable EKS runtime monitoring in us-east-1
### Disable EKS runtime monitoring in us-east-2
### Disable EKS runtime monitoring in us-west-1
### Disable EKS runtime monitoring in us-west-2
実行コマンドの説明は上述の単一リージョンの設定に記載しています。
EKS ランタイムモニタリングの設定状況の確認コマンドです。
aws ec2 describe-regions --query "Regions[].[RegionName]" --output text \
| while read region; do
echo "### Get EKS runtime monitoring in ${region}"
detector=$(aws guardduty list-detectors --region ${region} --query "DetectorIds[0]" --output text)
aws guardduty get-detector \
--region ${region} \
--detector-id ${detector} \
--query "Features[7]"
done
実行結果例です(長いので折りたたんでいます)。
実行結果
$ aws ec2 describe-regions --query "Regions[].[RegionName]" --output text \
> | while read region; do
> echo "### Get EKS runtime monitoring in ${region}"
> detector=$(aws guardduty list-detectors --region ${region} --query "DetectorIds[0]" --output text)
> aws guardduty get-detector \
> --region ${region} \
> --detector-id ${detector} \
> --query "Features[7]"
> done
### Get EKS runtime monitoring in ap-south-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:02:41+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:02:41+00:00"
}
]
}
### Get EKS runtime monitoring in eu-north-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:02:46+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:02:46+00:00"
}
]
}
### Get EKS runtime monitoring in eu-west-3
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:02:50+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:02:50+00:00"
}
]
}
### Get EKS runtime monitoring in eu-west-2
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:02:55+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:02:55+00:00"
}
]
}
### Get EKS runtime monitoring in eu-west-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:02:59+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:02:59+00:00"
}
]
}
### Get EKS runtime monitoring in ap-northeast-3
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:03+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:03+00:00"
}
]
}
### Get EKS runtime monitoring in ap-northeast-2
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:06+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:06+00:00"
}
]
}
### Get EKS runtime monitoring in ap-northeast-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:08+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:08+00:00"
}
]
}
### Get EKS runtime monitoring in ca-central-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:11+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:11+00:00"
}
]
}
### Get EKS runtime monitoring in sa-east-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:15+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:15+00:00"
}
]
}
### Get EKS runtime monitoring in ap-southeast-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:18+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:18+00:00"
}
]
}
### Get EKS runtime monitoring in ap-southeast-2
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:21+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:21+00:00"
}
]
}
### Get EKS runtime monitoring in eu-central-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:24+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:24+00:00"
}
]
}
### Get EKS runtime monitoring in us-east-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:28+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:28+00:00"
}
]
}
### Get EKS runtime monitoring in us-east-2
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:31+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:31+00:00"
}
]
}
### Get EKS runtime monitoring in us-west-1
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:34+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:34+00:00"
}
]
}
### Get EKS runtime monitoring in us-west-2
{
"Name": "EKS_RUNTIME_MONITORING",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:36+00:00",
"AdditionalConfiguration": [
{
"Name": "EKS_ADDON_MANAGEMENT",
"Status": "DISABLED",
"UpdatedAt": "2023-07-25T17:03:36+00:00"
}
]
}
以上で、AWS CLI を用いた EKS ランタイムモニタリングの有効化と無効化の説明は終わりです。
さいごに
2023 年 3 月に EKS ランタイムモニタリング機能が提供開始され、AWS CLI で全てのリージョンの有効化・無効化を試す機会がありましたので、ブログにまとめました。コマンドのオプションとして指定する値を一度理解すれば、他のオプション保護も設定できます。
以上、このブログがどなたかのご参考になれば参考です。
![[アップデート]Amazon GuardDuty S3マルウェア保護機能有効化時のIAMロール作成が非常に楽になりました!](https://images.ctfassets.net/ct0aopd36mqt/wp-thumbnail-f1f1e80330aaa8917410e012de277155/263838c1009bccfef2d8a98f11615f2d/amazon-guardduty)
![[コスト大事] Amazon Athena で S3 の大量オブジェクトをクエリする場合はスキャン量だけでなくリクエスト量も意識しよう](https://images.ctfassets.net/ct0aopd36mqt/wp-thumbnail-764c44f07bcd41184fe62a432ae120ab/512a4cdcd05a0ed3ddea950fdf619fa0/amazon-athena)
