Troubleshooting ec2 Guardduty runtime agent not reporting

0

I am following the steps to enable the GuardDuty security agent on my ec2 instances which are used in a ecs cluster.

The ec2 instance is running and when I run sudo systemctl status amazon-guardduty-agent

it shows

amzn_guardduty_agent_ecs: GuardDuty agent started
amzn_guardduty_agent_ecs: Type Ctrl+C to terminate

I've crated a VPC endpoint with private subnet the ec2 instance is in, with dns enabled and a security group applied allowing 443 inbound from 0.0.0.0/0 but it's still reporting as agent no reporting in the AWS Guardduty dashboard.

What is the endpoint that is called / is there any further troubleshooting I can do from the ec2 instance?

질문됨 6달 전407회 조회
2개 답변
0

The IAM role assigned to the EC2 hosts must have the policy AWSServiceRoleForAmazonGuardDuty

Is this the case?

profile picture
전문가
답변함 6달 전
  • I didn't see that documented anywhere - but it turns out I missed a step on the guide. Under Additional settings, choose Enable DNS name.

0

Validate Prerequisites for Amazon EC2 instance support here - https://docs.aws.amazon.com/guardduty/latest/ug/prereq-runtime-monitoring-ec2-support.html

profile picture
답변함 6달 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠