Topic 1 Question 146
A company uses AWS Organizations and has Amazon Elastic Kubernetes Service (Amazon EKS) clusters in many AWS accounts. A security engineer integrates Amazon EKS with AWS CloudTrail. The CloudTrail trails are stored in an Amazon S3 bucket in each account to monitor API calls. The security engineer observes that CloudTrail logs are not displaying Kubernetes pod creation events.
What should the security engineer do to view the Kubernetes events from Amazon CloudWatch?
Configure the EKS clusters to use private S3 VPC endpoints. Configure the S3 buckets for logging.
Enable Kubernetes API server component logs for each cluster.
Enable cross-origin resource sharing (CORS) in the S3 bucket that is used for logging.
Configure CloudWatch. View the events in the CloudWatch console.
ユーザの投票
コメント(2)
- 👍 4Zek2024/11/13
- 正解だと思う選択肢: B
The correct answer is B. The security engineer should enable Kubernetes API server component logs for each cluster. This is because the API server component logs contain details about the Kubernetes events such as pod creation, which are not included in the AWS CloudTrail logs. Once these logs are enabled, they can be viewed from Amazon CloudWatch.
👍 4Certified1012024/11/19
シャッフルモード