EksCluster should not have more than one security group

Attaching more than one additional security group to an EKS cluster is bad practice and may create unexpected results, since the effective network rules become the union of all attached groups.

Risk Level: Medium
Cloud Entity: EKS Cluster
CloudGuard Rule ID: D9.AWS.NET.70
Covered by Spectral: No
Category: Compute

GSL LOGIC

EksCluster should not have resourcesVpcConfig.additionalSecurityGroups length()>1
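Added example, not CloudGuard's or AWS's own code: the GSL check above implemented in Python over the shape of the AWS EKS DescribeCluster response, where the console's "Additional security groups" appear as resourcesVpcConfig.securityGroupIds (the EKS-managed clusterSecurityGroupId is separate and not counted). SAMPLE_CLUSTERS is constructed data; the boto3 loader is only used for a live scan.

```python
# Added example (not CloudGuard's own code): evaluates the GSL check
# "resourcesVpcConfig.additionalSecurityGroups length()>1" against the shape
# of the AWS EKS DescribeCluster response, where the console's "Additional
# security groups" appear as resourcesVpcConfig.securityGroupIds. The
# EKS-managed clusterSecurityGroupId is not part of that list.
from typing import Any, Dict, List

RULE_ID = "D9.AWS.NET.70"


def additional_security_groups(cluster: Dict[str, Any]) -> List[str]:
    """Return the user-supplied (additional) security group IDs of a cluster."""
    vpc_cfg = cluster.get("resourcesVpcConfig") or {}
    return list(vpc_cfg.get("securityGroupIds") or [])


def violates_rule(cluster: Dict[str, Any]) -> bool:
    """True when the cluster carries more than one additional security group."""
    return len(additional_security_groups(cluster)) > 1


def evaluate(clusters: List[Dict[str, Any]]) -> List[Dict[str, Any]]:
    """One finding per cluster: name, additional SG count, compliance status."""
    return [{"rule": RULE_ID, "cluster": c.get("name", "<unnamed>"),
             "additional_sg_count": len(additional_security_groups(c)),
             "compliant": not violates_rule(c)} for c in clusters]


def load_clusters_from_aws(region: str) -> List[Dict[str, Any]]:
    """Live scan with boto3 (needs eks:ListClusters and eks:DescribeCluster);
    boto3 is imported lazily so the rule logic above runs offline."""
    import boto3
    eks = boto3.client("eks", region_name=region)
    names: List[str] = []
    for page in eks.get_paginator("list_clusters").paginate():
        names.extend(page["clusters"])
    return [eks.describe_cluster(name=n)["cluster"] for n in names]


# Constructed sample DescribeCluster payloads, trimmed to the fields used.
SAMPLE_CLUSTERS = [
    {"name": "prod", "resourcesVpcConfig": {
        "clusterSecurityGroupId": "sg-0cluster0", "securityGroupIds": ["sg-0aaa0"]}},
    {"name": "legacy", "resourcesVpcConfig": {
        "clusterSecurityGroupId": "sg-0cluster1",
        "securityGroupIds": ["sg-0aaa1", "sg-0bbb1"]}},
    {"name": "minimal", "resourcesVpcConfig": {"clusterSecurityGroupId": "sg-0cluster2"}},
]

if __name__ == "__main__":
    for finding in evaluate(SAMPLE_CLUSTERS):
        print(finding)  # "legacy" is the only non-compliant cluster
```

Run it against `load_clusters_from_aws("<region>")` instead of `SAMPLE_CLUSTERS` to check a real account; only read-only EKS permissions are required.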

REMEDIATION

From Portal:

  1. Sign in to the AWS console.
  2. Navigate to the EKS (Amazon Elastic Kubernetes) service.
  3. Select the cluster you want to verify.
  4. Go to the Networking tab and ensure there are no Additional security groups associated with that cluster.
  5. Choose one security group or create a new security group that has all the correct rules.

References:

  1. https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html

EKS Cluster

Amazon Elastic Kubernetes Service (Amazon EKS) is a managed service that you can use to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane or nodes.

Compliance Frameworks

  • AWS CloudGuard Best Practices
  • AWS HITRUST
  • AWS HITRUST v11.0.0
  • AWS ISO27001:2022
  • AWS ITSG-33
  • AWS MITRE ATT&CK Framework v10
  • AWS MITRE ATT&CK Framework v11.3
  • AWS NIST 800-53 Rev 5
  • CloudGuard AWS All Rules Ruleset