A standalone account owns the decision to enable or disable a protection plan in their AWS account in a specific AWS Region.
If your account is associated with a GuardDuty administrator account through AWS Organizations, or by the method of invitation, this section doesn't apply to your account. For more information, see Enabling Runtime Monitoring for multiple-account environments.
After you enable Runtime Monitoring, ensure to install GuardDuty security agent through automated configuration or manual deployment. As a part of completing all the steps listed in the following procedure, make sure to install the security agent.
To enable Runtime Monitoring in standalone account
Sign in to the AWS Management Console and open the GuardDuty console at https://console.aws.amazon.com/guardduty/
. -
In the navigation pane, choose Runtime Monitoring.
-
Under the Configuration tab, choose Enable to enable Runtime Monitoring for your account.
-
For GuardDuty to receive the runtime events from one or more resource types – an Amazon EC2 instance, Amazon ECS cluster, or an Amazon EKS cluster, use the following options to manage the security agent for these resources:
To enable GuardDuty security agent
