AWS Security Blog

Tag: EKS

How to automate incident response for HAQM EKS on HAQM EC2

Triaging and quickly responding to security events is important to minimize impact within an AWS environment. Acting in a standardized manner is equally important when it comes to capturing forensic evidence and quarantining resources. By implementing automated solutions, you can respond to security events quickly and in a repeatable manner. Before implementing automated security solutions, […]

Connect your on-premises Kubernetes cluster to AWS APIs using IAM Roles Anywhere

February 26, 2025: We’ve updated this post to fix a typo in the code in Step 5 – Deploy your workload. Many customers want to seamlessly integrate their on-premises Kubernetes workloads with AWS services, implement hybrid workloads, or migrate to AWS. Previously, a common approach involved creating long-term access keys, which posed security risks and […]

Integrate Kubernetes policy-as-code solutions into Security Hub


Using Kubernetes policy-as-code (PaC) solutions, administrators and security professionals can enforce organization policies on Kubernetes resources. Several publicly available PaC solutions exist for Kubernetes, such as Gatekeeper, Polaris, and Kyverno. PaC solutions usually implement two features: Use Kubernetes admission controllers to validate or modify objects before they’re created to help enforce configuration best […]

How to investigate and take action on security issues in HAQM EKS clusters with HAQM Detective – Part 2

March 15, 2023: We’ve updated this post to incorporate a section on investigating VPC flow logs. In part 1 of this two-part series, How to detect security issues in HAQM EKS cluster using HAQM GuardDuty, we walked through a real-world observed security issue in an HAQM Elastic Kubernetes Service (HAQM EKS) cluster and […]

How to detect security issues in HAQM EKS clusters using HAQM GuardDuty – Part 1

In this two-part blog post, we’ll discuss how to detect and investigate security issues in an HAQM Elastic Kubernetes Service (HAQM EKS) cluster with HAQM GuardDuty and HAQM Detective. HAQM Elastic Kubernetes Service (HAQM EKS) is a managed service that you can use to run and scale container workloads by using Kubernetes in the AWS […]

Use AWS Network Firewall to filter outbound HTTPS traffic from applications hosted on HAQM EKS and collect hostnames provided by SNI

October 13, 2022: This post has been updated with a modified diagram for Figure 1: Outbound internet access through Network Firewall from HAQM EKS worker nodes. This blog post shows how to set up an HAQM Elastic Kubernetes Service (HAQM EKS) cluster such that the applications hosted on the cluster can have their outbound internet access […]