all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Auditing AWS EKS Pod Permissions

Add to bookmarks
Feb. 29, 2024, 8:50 p.m. | Eric Johnson

DEV Community dev.to

Applications running in EKS often require access to AWS resources, including S3 buckets, DynamoDB tables, Secrets Manager secrets, KMS keys, SQS queues, and other resources. As a security auditor, mapping EKS pods in a cluster to assigned IAM policy permissions can be challenging. In this post, we will review three different ways to audit EKS pod permissions.





EKS Node IAM Role Permissions


EKS avoids provisioning long-lived access keys to the cluster’s nodes by using an instance profile to pass IAM …

access applications audit auditing auditor aws can cluster dynamodb eks iam identity keys kms manager mapping permissions pods policy queues resources review running s3 buckets secrets secrets manager security sqs tables

Visit resource

More from dev.to / DEV Community

Access Google Cloud Secret Manager via Google Apps Script 2 hours ago | dev.to
access api api keys apps +22
The Reality of Burnout and Breaking Into Tech 5 hours ago | dev.to
back breaking burnout coding +18
No More Passwords! Terraform Module Makes GCP-GitHub Authentication a Breeze 5 hours ago | dev.to
access actions authentication cloud +23
How to Add Firebase Authentication To Your NodeJS App 6 hours ago | dev.to
absolute app application authentication +19
JS Security Tip 05-01-2024 ICYMI 7 hours ago | dev.to
alert argument can fair +11
Optimise and Secure AWS HTTP API Gateway by locking down direct access 8 hours ago | dev.to
access advanced api api gateway +25
Learn SwiftUI (Day 8/100) 8 hours ago | dev.to
case defined error function +9
Login with OTP Authentication in Django and Django REST Framework 8 hours ago | dev.to
application applications authentication build +16
Exploring Flutter Secure Storage: Safeguarding Data in Mobile Apps 11 hours ago | dev.to
applications apps array breaches +26

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs