Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Can we turn off Cloudwatch logs when running ecs:execute-command API?

0

We log into our containers from time to time using execute-command and notice that all our activities get logged directly to CloudWatch.

Is there any way to stop your activity logs from going to CloudWatch when using the execute-command api? This could easily result in leaking secrets from environment variables as you innocently go about checking things ...

Temas
Gestión y gobiernoContenedoresAWS Well-Architected Framework
Etiquetas
AWS Systems ManagerAmazon Elastic Container ServiceSeguridad
Idioma
English
Arman
preguntada hace 8 meses464 visualizaciones
2 Respuestas
2

Hi, you can turn off the logging of the execute-command session by setting the logging option of your cluster to NONE.

https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-exec.html#ecs-exec-logging

profile picture
HS
respondido hace 8 meses
profile picture
EXPERTO
Gary Mclean
revisado hace 8 meses
profile pictureAWS
EXPERTO
Jose Guay
revisado hace 8 meses
0

Hello.

Modify your log driver https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html to adjust the logging configuration. He supports various logging drivers, such as json-file, awslogs etc. You can configure the logging driver to meet your specific needs.

Best regards, Andrii

profile picture
EXPERTO
Andrii S
respondido hace 8 meses

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante