Updating security agent
                manually for Amazon EKS resources
When you manage the GuardDuty security agent manually, you are responsible to update it
            for your account. For notification about new agent versions, you can subscribe to an RSS
            feed to GuardDuty security agent release
   versions.
You can update the security agent to the latest version to benefit from the added
            support and improvements. If your current agent version is reaching an end of standard
            support, then to continue using Runtime Monitoring (or EKS Runtime Monitoring), you must update to a next
            available or the latest agent version. 
            - Console
- 
                    - Open the Amazon EKS console at https://console.aws.amazon.com/eks/home#/clusters. 
- 
                            Choose your Cluster name. 
- 
                            Under the Cluster info, choose the 
                                Add-ons tab. 
- 
                            Under the Add-ons tab, select GuardDuty
                                    EKS Runtime Monitoring. 
- 
                            Choose Edit to update the agent
                                details. 
- 
                            On the Configure GuardDuty EKS Runtime Monitoring page, update
                                the details. 
- 
                            (Optional) Updating Optional configuration settingsIf your EKS add-on Version is 1.5.0 
                                or above, you can also update the add-on configuration schema. - 
                                    Expand Optional configuration
                                            settings to view the configuration
                                        schema. 
- 
                                    Update the parameter values based on the range provided in
                                            Configure EKS add-on
   parameters. 
- 
                                    Choose Save changes to start the
                                        update. 
- For Conflict resolution method, the option that you choose will
                                                be used to resolve a conflict when you update the value of a parameter to a non-default value. For more
                                                information about the listed options, see resolveConflicts
                                                in the Amazon EKS API Reference. 
 
 
- API/CLI
- 
                    To update the GuardDuty security agent for your Amazon EKS clusters, see Updating an add-on.  For the add-on version, if you choose 1.5.0 or above, Runtime Monitoring supports
                            configuring specific parameters of the GuardDuty agent. For information
                            about parameter ranges, see Configure EKS add-on
   parameters.
 
You can use the following AWS CLI example when using configurable values
                        supported for add-on versions 1.5.0 and above. Make sure to replace the
                        placeholder values highlighted in red and the associated
                            Example.jsonwith the configured values.
 aws eks update-addon --region us-east-1--cluster-namemyClusterName--addon-name aws-guardduty-agent --addon-versionv1.11.0-eksbuild.2--configuration-values'file://example.json'
 Example.json{
	"priorityClassName": "aws-guardduty-agent.priorityclass-high",
	"dnsPolicy": "Default",
	"resources": {
		"requests": {
			"cpu": "237m",
			"memory": "512Mi"
		},
		"limits": {
			"cpu": "2000m",
			"memory": "2048Mi"
		}
	}	
}
 
If your Amazon EKS add-on version is 1.5.0 or above, and you have configured the add-on
            schema, you can verify whether or not the values appear correctly for your cluster. For
            more information, see Verifying configuration schema
   updates.