In this hands-on session, explore how to automate the identification, analysis, and mitigation of risks in Amazon Elastic Kubernetes Service (Amazon EKS) clusters. Learn how to implement robust security controls—including role-based access control (RBAC), EKS Pod Identity, and service accounts—to apply least-privilege access and secure workload isolation. Also discover how to use AWS CloudTrail and Amazon CloudWatch to gain deep visibility into EKS cluster activities, enabling real-time monitoring and automated risk detection. Learn the skills to automate risk management processes, helping your Kubernetes workloads remain resilient against evolving threats. You must bring your laptop to participate.
Securing and Observing EKS GitHub repo - Holds the content to deploy the environment to run this workshop in your own account.
EKS Security Best Practices Guide
One Observability Workshop
EKS Workshop - Security
Overview of Amazon EKS and Kubernetes sessions at AWS re:Invent 2024
Verify the schedule and location in the AWS re:Invent app.
KUB319 | Securing and Optimizing Your Software Supply Chain with Amazon ECR
KUB302 | Strategies and Best Practices for Securing Containerized Environments
KUB315 | Securing Kubernetes workloads in Amazon EKS
SEC216 | Build trust in your CI/CD pipeline: Codify container security at scale
SEC311 | Secure containers from supply chain attacks
SVS301 | Architecting for data protection and compliance with Amazon ECS
SVS332 | Build secure and performant apps easily with Amazon ECS & AWS Fargate
SVS411 | Securing Amazon ECS workloads with AWS Signer and Amazon GuardDuty
SVS412 | Achieving a secure microservices architecture on Amazon ECS