Posted On: Apr 14, 2022

Amazon GuardDuty for EKS Protection is now available in the Amazon Web Services China (Beijing) Region, operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, operated by NWCD. Amazon GuardDuty is a threat detection service that continuously monitors for malicious or unauthorized behavior to help customers protect their accounts, workloads, and data. Amazon GuardDuty for EKS Protection monitors Kubernetes audit logs to identify suspicious activity, such as API operations performed by known malicious or anonymous users, misconfigurations that can result in unauthorized access to Amazon Elastic Kubernetes Services (Amazon EKS) clusters, and patterns consistent with privilege-escalation techniques.

Existing GuardDuty customers can enable their 30-day EKS Protection free trial with a few clicks in the Amazon GuardDuty console Kubernetes Protection page. For new accounts, GuardDuty for EKS Protection will be part of the 30-day Amazon GuardDuty free trial. During the trial period you can see the estimated costs in the GuardDuty Console Usage page. GuardDuty optimizes your costs by only processing logs relevant for analysis. To receive programmatic updates on new Amazon GuardDuty features and threat detections, subscribe to the Amazon GuardDuty SNS topic.

To learn more about Amazon GuardDuty for EKS Protection and to find a full list of new EKS finding types, see the Amazon GuardDuty user guide.