Security considerations for Kubernetes

The following are considerations for security in the cloud, as they affect Kubernetes in Amazon EKS clusters. For an in-depth review of security controls and practices in Kubernetes, see Cloud Native Security and Kubernetes in the Kubernetes documentation.

Topics

Secure workloads with Kubernetes certificates
Understand Amazon EKS created RBAC roles and users
Understand Amazon EKS created Pod security policies (PSP)
Migrate from legacy Pod security policies (PSP)
Encrypt Kubernetes secrets with {aws} KMS on existing clusters
Use AWS Secrets Manager secrets with Amazon EKS Pods

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Resilience

Certificate signing