Amazon EKS

Amazon Elastic Kubernetes Service (Amazon EKS) is a managed service that you can use to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane or nodes. Kubernetes is an open-source system for automating the deployment, scaling, and management of containerized applications. Amazon EKS:

• Runs and scales the Kubernetes control plane across multiple AWS Availability Zones to ensure high availability.
• Automatically scales control plane instances based on load, detects and replaces unhealthy control plane instances, and it provides automated version updates and patching for them.
• Is integrated with many AWS services to provide scalability and security for your applications, including the following capabilities:

1. Amazon ECR for container images
2. Elastic Load Balancing for load distribution
3. IAM for authentication
4. Amazon VPC for isolation

• Runs up-to-date versions of the open-source Kubernetes software, so you can use all of the existing plugins and tooling from the Kubernetes community. Applications that are running on Amazon EKS are fully compatible with applications running on any standard Kubernetes environment, no matter whether they're running in on-premises data centers or public clouds. This means that you can easily migrate any standard Kubernetes application to Amazon EKS without any code modification.

Kubernetes and EKS have matured significantly over the last few years, with many standard practices developing across the industry based on lessons learned from earlier mistakes. Best practices for EKS build on the knowledge of Kubernetes-specific considerations and AWS-related standards. Following these recommendations ensures that the clusters are designed according to well-known conventions, reducing potential problems and improving the cluster management experience.

How does Amazon EKS work?

Security

Kubernetes security in EKS is the responsibility of both Amazon Web Services (AWS) and the client. This shared responsibility model divides the main security aspects as follows:

• AWS security – AWS is responsible for the security of the infrastructure that supports AWS services. In Amazon EKS, AWS protects the Kubernetes control plane, including the etcd database and control plane nodes. AWS compliance involves regular testing by third-party auditors to verify security effectiveness.
• Client-side security – As the client, you are responsible for securing your workloads. This includes ensuring data security, upgrades and patches for worker nodes, and secure configuration for the data plane, nodes, containers, and operating systems. You must also configure security groups that allow the EKS control plane to securely communicate with your virtual private clouds (VPCs).

Layers

Security Layers

Best practices

There are several security best practice areas that are pertinent when using a managed Kubernetes service like EKS:

1- Identity and Access Management (IAM):

• Implement the principle of least privilege by granting the minimum permissions required for each role.
• Regularly review and audit IAM policies to ensure they align with current requirements.
• Utilize AWS IAM features like MFA, password policies, and IAM roles.

2- Pod Security:

• Employ Kubernetes Pod Security Policies to control and restrict pod behavior.
• Utilize Network Policies to regulate traffic flow between pods.
• Implement Pod Security Context to define security attributes at the pod level.

3- Runtime Security:

• Use container runtime security tools to monitor and protect containers during execution.
• Employ runtime security solutions that offer features like vulnerability scanning, anomaly detection, and runtime protection.

4- Network Security:

• Utilize network policies to control traffic flow within the Kubernetes cluster.
• Implement network segmentation to isolate sensitive workloads.
• Use network security tools like AWS Security Groups and VPC Flow Logs for monitoring traffic.

5- Multi-tenancy:

• Implement RBAC (Role-Based Access Control) to manage access within the multi-tenant environment.
• Use namespaces to segregate resources and workloads belonging to different tenants.
• Employ network segmentation to isolate tenant workloads.

6- Detective Controls:

• Implement logging and monitoring solutions to detect and respond to security incidents.
• Utilize AWS CloudWatch Logs, AWS CloudTrail, and Kubernetes audit logs for tracking activities.
• Set up alerts and notifications for detecting anomalous behavior.

7- Infrastructure Security:

• Secure the underlying infrastructure of the Kubernetes cluster, including worker nodes and control plane components.
• Regularly update and patch the operating systems and software components.
• Implement security best practices for the underlying cloud environment.

8- Data Encryption and Secrets Management:

• Use AWS KMS for encryption of data at rest and in transit.
• Utilize Kubernetes secrets for storing sensitive information like API keys and passwords.
• Implement secure communication channels using TLS/SSL.

9- Regulatory Compliance:

• Ensure that the Kubernetes environment complies with relevant regulations and standards.
• Implement security controls and practices that align with compliance requirements.
• Regularly conduct audits and assessments to validate compliance.

10- Incident Response and Forensics:

• Develop an incident response plan outlining roles, responsibilities, and procedures.
• Conduct regular security drills and exercises to test the incident response process.
• Implement tools for forensic analysis and investigation in case of security incidents.

11- Image Security:

• Scan container images for vulnerabilities before deployment.
• Implement image signing and verification to ensure image integrity.
• Use image registries with access controls and scanning capabilities.

As part of designing any system, you need to think about its security implications and the practices that can affect your security posture. For example, you need to control who can perform actions against a set of resources. You also need the ability to quickly identify security incidents, protect your systems and services from unauthorized access, and maintain the confidentiality and integrity of data through data protection. Having a well-defined and rehearsed set of processes for responding to security incidents will improve your security posture too. These tools and techniques are important because they support objectives such as preventing financial loss or complying with regulatory obligations.