Sysdig on AWS Outpost

This repository contains instructions and tests for compatibility of Sysdig Monitor and Sysdig Secure on AWS Outpost infraestructure.

About Sysdig

The Sysdig Secure DevOps Platform converges security and compliance with performance and capacity monitoring to create a secure DevOps workflow.

Find more information at Sysdig official website.

About AWS Outpost

AWS Outposts is a fully managed service that extends AWS infrastructure, AWS services, APIs, and tools to virtually any datacenter, co-location space, or on-premises facility for a truly consistent hybrid experience. AWS Outposts offers you the same AWS hardware infrastructure, services, APIs, and tools to build and run your applications on premises and in the cloud for a truly consistent hybrid experience. AWS compute, storage, database, and other services run locally on Outposts, and you can access the full range of AWS services available in the Region to build, manage, and scale your on-premises applications using familiar AWS services and tools.

Find more information at AWS Outpost official website.

Use cases

Essential use cases

Advanced use cases

Compatibility summary

In summary, AWS Outpost performs exactly as AWS Cloud when you deploy Sysdig.


See more details about prerequisites at the official documentation.


Follow these steps for installing the Sysdig Agent using the “Vanilla Kubernetes” variant, and setting up Kubernetes audit log with CloudWatch:


Visit Technical Support section on Sysdig website for assistance using Sysdig on AWS Outpost.


Diagram for an EKS installation of Sysdig using SaaS platform:

AWS Outpost Sysdig Architecture, showing daemonset install Sysdig agent on each node of a Kubernetes cluster on AWS Outpost, reading Kubernetes audit log events from CloudWatch, and reporting to external Sysdig platform

Key features:

High Availability

For Agent: By installing as a daemonset, Kubernetes ensures that all nodes run a copy of the Sysdig agent. If a node fails, workloads will be started by Kubernetes on alternate node(s), along w/ the Sysdig agent. Similarly, as nodes are added to the cluster, the Sysdig agent will be automatically added to them. In this way, Kubernetes manages the availability and resiliency of the Sysdig agent along w/ the container workloads.

For SaaS backend: The Sysdig SaaS platform provides built-in high-availability, leveraging a distributed systems approach for redundancy of the backend components and taking advantage of cloud availability zones to ensure reliable platform access without requiring users to build or manage their own HA solution.

Note: The Sysdig + Outposts validation does not include installation of a customer self-hosted backend. It is agent only (see diagram above).

Additional resources:


Read the official Sysdig documentation for general information about Sysdig installation and usage. You can also visit this Sysdig blog post about Amazon EKS monitoring and security with Sysdig.

Sysdig logo