Troubleshooting ec2 Guardduty runtime agent not reporting

I am following the steps to enable the GuardDuty security agent on my ec2 instances which are used in a ecs cluster.

The ec2 instance is running and when I run sudo systemctl status amazon-guardduty-agent

it shows

amzn_guardduty_agent_ecs: GuardDuty agent started
amzn_guardduty_agent_ecs: Type Ctrl+C to terminate

I've crated a VPC endpoint with private subnet the ec2 instance is in, with dns enabled and a security group applied allowing 443 inbound from 0.0.0.0/0 but it's still reporting as agent no reporting in the AWS Guardduty dashboard.

What is the endpoint that is called / is there any further troubleshooting I can do from the ec2 instance?