AWS Config Security Best Practices for EKS

• https://docs.aws.amazon.com/config/latest/developerguide/security-best-practices-for-EKS.html

EKS AWS Config rules[edit]

• eks-endpoint-no-public-access: ag -ir cluster_endpoint_public_access *
• eks-cluster-logging-enabled: ag -ir cluster_enabled_log_types *
• eks-cluster-log-enabled
• eks-cluster-oldest-supported-version
• eks-cluster-supported-version: ag -ir cluster_version *
• eks-cluster-secrets-encrypted: ag -ir cluster_encryption_config *
• eks-secrets-encrypted

See also[edit]

• EKS security, endpoint access control, Grant access, AWS Config Security Best Practices for EKS, List of AWS Config Managed Rules
• AWS Config, Conformance Packs, List of AWS Config Managed Rules, ec2-imdsv2-check, alb-http-drop-invalid-header-enabled, aws_config_config_rule