EKS
Definition
Amazon Elastic Kubernetes Service (EKS) is a managed service that simplifies running Kubernetes on AWS without needing to install and operate your own Kubernetes control plane or nodes. EKS integrates with AWS services to provide scalability, security, and high availability, allowing users to deploy, manage, and scale containerized applications using Kubernetes.
Secure Settings Example
apiVersion: v1
kind: Pod
metadata:
name: secure-pod
spec:
containers:
- name: secure-container
image: my-image:latest
securityContext:
runAsNonRoot: true
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
nodeSelector:
eks.amazonaws.com/nodegroup: secure-node-group
tolerations:
- key: "node.kubernetes.io/not-ready"
operator: "Exists"
effect: "NoExecute"
tolerationSeconds: 300
Insecure Settings Example
apiVersion: v1
kind: Pod
metadata:
name: insecure-pod
spec:
containers:
- name: insecure-container
image: my-image:latest
securityContext:
privileged: true
runAsUser: 0
nodeSelector:
eks.amazonaws.com/nodegroup: insecure-node-group