Q22 — AWS SCS-C02 Ch.1

A company uses Amazon Elastic Kubernetes Service (Amazon EKS) clusters to run its Kubernetes-based applications. The company uses Amazon GuardDuty to protect the applications. EKS Protection is enabled in GuardDuty. However, the corresponding GuardDuty feature is not monitoring the Kubernetes-based applications. Which solution will cause GuardDuty to monitor the Kubernetes-based applications?

Correct Answer: D. Enable the control plane logs in Amazon EKS. Ensure that the logs are ingested into Amazon CloudWatch.

Explanation

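The EKS Protection feature of Amazon GuardDuty relies on EKS control plane logs to detect threats at the Kubernetes level. If EKS Protection is enabled but the relevant log data is not provided, GuardDuty cannot monitor the Kubernetes applications. Once control plane logs are enabled in Amazon EKS (covering components such as the API server, controller manager, scheduler, and etcd) and ingested into Amazon CloudWatch, GuardDuty can obtain the log information it needs and perform security monitoring of the Kubernetes applications.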