Amazon ECS now publishes Amazon CloudTrail data events for insight into API activities
Amazon Elastic Container Service (Amazon ECS) now supports Amazon CloudTrail data events, providing detailed visibility into Amazon ECS Agent API activities. This new capability enables customers to monitor, audit, and troubleshoot container instance operations.
With CloudTrail data event support, security and operations teams can now maintain comprehensive audit trails of ECS Agent API activities, detect unusual access patterns, and troubleshoot Amazon ECS agent communication issues more effectively. Customers can opt in to receive detailed logging through the new data event resource type AWS::ECS::ContainerInstance for ECS agent activities, including when the ECS agent polls for work (ecs:Poll) and starts telemetry sessions (ecs:StartTelemetrySession). This enhanced visibility enables teams to better understand how container instance roles are utilized, meet compliance requirements for API activity monitoring, and quickly diagnose operational issues related to agent communications.
This new feature is available on Amazon ECS on EC2 in all Amazon Web Services regions, including the Amazon Web Services China (Beijing) Region, operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, operated by NWCD. Standard CloudTrail data event charges apply. To learn more, visit the Developer Guide.
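The audit use described above (seeing how container instance roles are used and spotting unusual access patterns) can be sketched as follows. This is an added example, not code from AWS or the Developer Guide: it filters records for the AWS::ECS::ContainerInstance resource type and the Poll and StartTelemetrySession events, then reports container instances whose agent calls came from more than one principal or source IP. The record layout uses standard CloudTrail record fields and is an assumption about what the ECS data events contain; all ARNs, IPs and names are constructed.

```python
from collections import defaultdict

RESOURCE_TYPE = "AWS::ECS::ContainerInstance"     # resource type named in the announcement
AGENT_EVENTS = {"Poll", "StartTelemetrySession"}  # ecs:Poll, ecs:StartTelemetrySession

def _rec(name, inst, session, ip, category="Data"):
    """Constructed record using standard CloudTrail fields; every value is made up."""
    return {
        "eventSource": "ecs.amazonaws.com", "eventName": name,
        "eventCategory": category, "sourceIPAddress": ip,
        "userIdentity": {"type": "AssumedRole", "arn":
            f"arn:aws-cn:sts::111122223333:assumed-role/ecsInstanceRole/{session}"},
        "resources": [{"type": RESOURCE_TYPE, "ARN":
            f"arn:aws-cn:ecs:cn-north-1:111122223333:container-instance/demo/{inst}"}],
    }

SAMPLE_RECORDS = [  # constructed sample input, not real log data
    _rec("Poll", "inst-a", "i-0aaaaaaaaaaaaaaaa", "10.0.1.15"),
    _rec("StartTelemetrySession", "inst-a", "i-0aaaaaaaaaaaaaaaa", "10.0.1.15"),
    _rec("Poll", "inst-b", "i-0bbbbbbbbbbbbbbbb", "10.0.2.20"),
    _rec("Poll", "inst-b", "manual-session", "203.0.113.50"),
    _rec("RegisterContainerInstance", "inst-c", "i-0cccccccccccccccc", "10.0.3.30",
         category="Management"),
]

def agent_events(records):
    """Yield (container_instance_arn, record) for ECS agent data events only."""
    for r in records:
        if r.get("eventCategory") != "Data" or r.get("eventName") not in AGENT_EVENTS:
            continue
        for res in r.get("resources") or []:
            if res.get("type") == RESOURCE_TYPE and res.get("ARN"):
                yield res["ARN"], r

def find_shared_instances(records):
    """Return {instance_arn: {"callers": [...], "ips": [...]}} for container
    instances whose agent calls came from more than one principal or source IP."""
    callers, ips = defaultdict(set), defaultdict(set)
    for arn, r in agent_events(records):
        callers[arn].add((r.get("userIdentity") or {}).get("arn", "unknown"))
        ips[arn].add(r.get("sourceIPAddress", "unknown"))
    return {arn: {"callers": sorted(callers[arn]), "ips": sorted(ips[arn])}
            for arn in callers if len(callers[arn]) > 1 or len(ips[arn]) > 1}

if __name__ == "__main__":
    for arn, detail in find_shared_instances(SAMPLE_RECORDS).items():
        print(arn, detail)
```

A second source IP or session for one container instance is a lead to review, not proof of misuse, since an instance can legitimately change address or refresh its role session.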