AWS_EKS_6

Ensure that AWS EKS Cluster control plane logging is enabled

Description

Amazon EKS control plane logging provides audit and diagnostic logs directly from the Amazon EKS control plane to CloudWatch Logs in your account. These logs make it easy for you to secure and run your clusters. You can select the exact log types you need, and logs are sent as log streams to a group for each Amazon EKS cluster in CloudWatch.

Remediation

From Console:

1. Sign on to your Amazon EKS console at https://console.aws.amazon.com/eks/home#/clusters
2. Choose the name of the cluster to display your cluster information.
3. Under Logging, choose Update.
4. For each individual log type, set the log type to Enabled. By default, each log type is Disabled.
5. Choose Update to finish.

From TF:

Add the enabled_cluster_log_types argument to the aws_eks_cluster resource, listing every control plane log type that should be shipped to CloudWatch Logs:

resource "aws_eks_cluster" "test" {
  name       = "example"
  depends_on = [aws_cloudwatch_log_group.example]
  # Enable all five control plane log types
  enabled_cluster_log_types = ["api", "audit", "authenticator", "controllerManager", "scheduler"]
}
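The console and Terraform steps above enable logging; the example below, added here and not part of the original policy text, shows how to check an existing cluster against this rule and build the remediation payload. It works on the `cluster.logging.clusterLogging` structure returned by `aws eks describe-cluster` (boto3 `describe_cluster`), using a constructed sample response in place of a live API call; the function names and the sample cluster name are assumptions.

```python
import json

# The five control plane log types EKS can ship to CloudWatch Logs.
ALL_LOG_TYPES = {"api", "audit", "authenticator", "controllerManager", "scheduler"}

# Constructed sample shaped like the `aws eks describe-cluster` response
# (boto3: eks.describe_cluster(name=...)). Only two of five types are enabled.
SAMPLE_DESCRIBE_CLUSTER = {
    "cluster": {
        "name": "example",
        "logging": {
            "clusterLogging": [
                {"types": ["api", "audit"], "enabled": True},
                {"types": ["authenticator", "controllerManager", "scheduler"], "enabled": False},
            ]
        },
    }
}


def enabled_log_types(describe_response):
    """Return the set of control plane log types currently enabled."""
    enabled = set()
    logging_cfg = describe_response.get("cluster", {}).get("logging", {})
    for entry in logging_cfg.get("clusterLogging", []):
        if entry.get("enabled"):
            enabled.update(entry.get("types", []))
    return enabled


def missing_log_types(describe_response):
    """Log types that still need to be turned on to satisfy AWS_EKS_6."""
    return ALL_LOG_TYPES - enabled_log_types(describe_response)


def is_compliant(describe_response):
    """True when every control plane log type is enabled."""
    return not missing_log_types(describe_response)


def remediation_logging_config(describe_response):
    """Build the `logging` argument for update_cluster_config that enables
    every type not yet enabled. Returns None when nothing is missing."""
    missing = sorted(missing_log_types(describe_response))
    if not missing:
        return None
    return {"clusterLogging": [{"types": missing, "enabled": True}]}


if __name__ == "__main__":
    name = SAMPLE_DESCRIBE_CLUSTER["cluster"]["name"]
    missing = sorted(missing_log_types(SAMPLE_DESCRIBE_CLUSTER))
    print(f"cluster {name}: compliant={is_compliant(SAMPLE_DESCRIBE_CLUSTER)} missing={missing}")
    cfg = remediation_logging_config(SAMPLE_DESCRIBE_CLUSTER)
    if cfg:
        # Equivalent live calls (not executed here):
        #   aws eks update-cluster-config --name <cluster> --logging '<json below>'
        #   boto3.client("eks").update_cluster_config(name=name, logging=cfg)
        print(json.dumps(cfg))
```

Because a cluster with no `logging` block at all yields an empty enabled set, the check also flags clusters where logging was never configured, which is the default state described in the console steps.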

Reference:
https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html

Service

EKS

Severity

Low

Compliance

Mapping
