Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

Can we turn off Cloudwatch logs when running ecs:execute-command API?

0

We log into our containers from time to time using execute-command and notice that all our activities get logged directly to CloudWatch.

Is there any way to stop your activity logs from going to CloudWatch when using the execute-command api? This could easily result in leaking secrets from environment variables as you innocently go about checking things ...

Tópicos
Gestão e governançaContêineresAWS Well-Architected Framework
Tags
Gerenciador de sistemas da AWSServiço de contêiner elástico da AmazonSegurança
Idioma
English
Arman
feita há 8 meses464 visualizações
2 Respostas
2

Hi, you can turn off the logging of the execute-command session by setting the logging option of your cluster to NONE.

https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-exec.html#ecs-exec-logging

profile picture
HS
respondido há 8 meses
profile picture
ESPECIALISTA
Gary Mclean
avaliado há 8 meses
profile pictureAWS
ESPECIALISTA
Jose Guay
avaliado há 8 meses
0

Hello.

Modify your log driver https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html to adjust the logging configuration. He supports various logging drivers, such as json-file, awslogs etc. You can configure the logging driver to meet your specific needs.

Best regards, Andrii

profile picture
ESPECIALISTA
Andrii S
respondido há 8 meses

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante