EKS clusters should have audit logs enabled

Description

This control checks whether an Amazon EKS cluster has audit logging enabled. It fails if audit logging is not enabled for the cluster. EKS control plane logging sends audit and diagnostic logs directly from the EKS control plane to Amazon CloudWatch Logs in your account. You can choose specific log types, and the logs are sent as log streams to a log group for each EKS cluster in CloudWatch. Logging offers insight into the access and performance of EKS clusters. By routing the control plane logs for your clusters to CloudWatch Logs, you can centrally record operations for auditing and diagnostic purposes.

Remediation

To enable audit logs for your EKS cluster, see Enabling and disabling control plane logs in the Amazon EKS User Guide.
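The check described above, sketched as an added example (not code from this page or from the vendor's rule): it evaluates constructed responses in the shape returned by the EKS DescribeCluster API and builds the `--logging` value for `aws eks update-cluster-config`. Cluster names and helper function names are assumptions.

```python
"""Evaluate EKS DescribeCluster output for the audit-logging control."""

# Constructed sample responses in the shape returned by EKS DescribeCluster
# (`aws eks describe-cluster`); the cluster names are made up.
SAMPLE_CLUSTERS = [
    {"cluster": {"name": "prod-a", "logging": {"clusterLogging": [
        {"types": ["api", "audit", "authenticator"], "enabled": True},
        {"types": ["controllerManager", "scheduler"], "enabled": False},
    ]}}},
    {"cluster": {"name": "dev-b", "logging": {"clusterLogging": [
        {"types": ["api"], "enabled": True},
        {"types": ["audit", "authenticator", "controllerManager", "scheduler"],
         "enabled": False},
    ]}}},
    {"cluster": {"name": "legacy-c"}},  # no logging block at all
]


def enabled_log_types(describe_response):
    """Return the set of control plane log types that are switched on."""
    logging_cfg = describe_response.get("cluster", {}).get("logging") or {}
    enabled = set()
    for entry in logging_cfg.get("clusterLogging") or []:
        # A type listed in a disabled entry must not count as enabled.
        if entry.get("enabled") is True:
            enabled.update(entry.get("types") or [])
    return enabled


def audit_logging_enabled(describe_response):
    """Pass only when 'audit' appears in an entry with enabled=true."""
    return "audit" in enabled_log_types(describe_response)


def remediation_payload(describe_response):
    """Build a --logging value for `aws eks update-cluster-config` that lists
    'audit' alongside the log types that are already enabled."""
    types = sorted(enabled_log_types(describe_response) | {"audit"})
    return {"clusterLogging": [{"types": types, "enabled": True}]}


def evaluate(responses):
    """Map cluster name -> 'pass' / 'fail' for the control."""
    return {r["cluster"]["name"]: "pass" if audit_logging_enabled(r) else "fail"
            for r in responses}


if __name__ == "__main__":
    for name, result in evaluate(SAMPLE_CLUSTERS).items():
        print(f"{name}: {result}")
```

The `dev-b` case is the one a naive check misses: `audit` is present in the response, but only inside an entry with `enabled` set to false.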