Auditing AWS EKS Pod Permissions
DEV Community dev.to
Applications running in EKS often require access to AWS resources, including S3 buckets, DynamoDB tables, Secrets Manager secrets, KMS keys, SQS queues, and other resources. As a security auditor, mapping EKS pods in a cluster to assigned IAM policy permissions can be challenging. In this post, we will review three different ways to audit EKS pod permissions.
EKS Node IAM Role Permissions
EKS avoids provisioning long-lived access keys to the cluster’s nodes by using an instance profile to pass IAM …