Rule: Ensure AWS EKS Cluster Security Group Restricts Traffic

This rule ensures that the security group for an AWS EKS cluster is not overly permissive to all traffic.

Rule: Ensure AWS EKS cluster security group is not overly permissive to all traffic
Framework: CloudDefense.AI Security
Severity: High

AWS EKS Cluster Security Group Rule for CloudDefense

Description:

AWS Elastic Kubernetes Service (EKS) clusters require a security group rule to regulate inbound and outbound traffic. The security group should be configured to allow only necessary traffic for the CloudDefense service, preventing unauthorized access and potential security breaches.

Rule Policy:

The rule policy enforces restricting the security group associated with the AWS EKS cluster to only allow traffic necessary for the CloudDefense service. This ensures a more secure environment by disallowing overly permissive access.

Troubleshooting Steps (if applicable):

If you encounter any issues with this rule, follow these troubleshooting steps to resolve them:

  1. Ensure the correct security group is associated with your EKS cluster.
  2. Verify that the rule is properly defined within the security group.
  3. Double-check the network configuration and ensure that appropriate inbound and outbound rules are in place for CloudDefense.
  4. Ensure the correct ports and protocols are allowed for CloudDefense's communication.

Necessary Code/Policy (if applicable):

Below is an example of the required security group rule using the AWS CLI:

aws ec2 authorize-security-group-ingress --group-id <security_group_id> --protocol tcp --port <port_number> --cidr <source_IP_range>

Replace <security_group_id> with the actual security group ID associated with your EKS cluster. <port_number> should be replaced with the specific port number required for CloudDefense, and <source_IP_range> should be the IP range or CIDR block from which CloudDefense operates.

Step-by-step Guide for Remediation:

  1. Identify the EKS cluster for which you want to enforce the security group rule.
  2. Retrieve the security group ID associated with the EKS cluster.
  3. Use the AWS CLI or AWS Management Console to modify the security group rules.

Using AWS CLI:

Step 1: Retrieve the security group ID:

Use the following AWS CLI command to retrieve the security group ID associated with the EKS cluster:

aws eks describe-cluster --name <cluster_name> --query 'cluster.resourcesVpcConfig.clusterSecurityGroupId' --output text

Replace <cluster_name> with the name of your EKS cluster.

Step 2: Modify the security group rule:

Run the following AWS CLI command to add the necessary security group rule:

aws ec2 authorize-security-group-ingress --group-id <security_group_id> --protocol tcp --port <port_number> --cidr <source_IP_range>

Replace <security_group_id> with the security group ID retrieved in Step 1. Update <port_number> with the specific port number required for CloudDefense, and <source_IP_range> with the IP range or CIDR block from which CloudDefense operates.
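
To confirm that no overly permissive rule remains on the group, the following added example (not part of the original rule page or CloudDefense's own code) scans the JSON printed by aws ec2 describe-security-groups --group-ids <security_group_id> --output json. It assumes "overly permissive" means an inbound rule that allows all protocols, or all TCP/UDP ports, from a CIDR with prefix length 0; the function names and the sample data are constructed for illustration.

```python
import ipaddress
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
SAMPLE = """
{"SecurityGroups": [{
  "GroupId": "sg-0123456789abcdef0",
  "IpPermissions": [
    {"IpProtocol": "-1",
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [], "UserIdGroupPairs": []},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": [], "UserIdGroupPairs": []},
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
     "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}], "UserIdGroupPairs": []},
    {"IpProtocol": "-1",
     "IpRanges": [], "Ipv6Ranges": [], "UserIdGroupPairs": [{"GroupId": "sg-0123456789abcdef0"}]}
  ]}]}
"""

def covers_all_traffic(perm):
    """True if the rule allows every protocol, or every TCP/UDP port."""
    if perm["IpProtocol"] == "-1":  # "-1" is the API value for all protocols
        return True
    return (perm["IpProtocol"] in ("tcp", "udp")
            and perm.get("FromPort") == 0 and perm.get("ToPort") == 65535)

def open_sources(perm):
    """CIDRs in the rule with prefix length 0, i.e. any IPv4 or IPv6 address."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs if ipaddress.ip_network(c, strict=False).prefixlen == 0]

def find_permissive_ingress(describe_output):
    """Return (group_id, protocol, cidr) for each all-traffic rule open to any address."""
    findings = []
    for sg in json.loads(describe_output)["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            # Group-to-group rules carry no CIDR, so they yield no open sources.
            if covers_all_traffic(perm):
                findings += [(sg["GroupId"], perm["IpProtocol"], c) for c in open_sources(perm)]
    return findings

if __name__ == "__main__":
    for group_id, proto, cidr in find_permissive_ingress(SAMPLE):
        print(f"{group_id}: protocol {proto} open to {cidr}")
```

An empty result means the group has no all-traffic inbound rule open to any address; narrowly scoped rules such as the one added in Step 2 are not reported.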

Using AWS Management Console:

Step 1: Retrieve the security group ID:

  1. Log in to the AWS Management Console.
  2. Navigate to the EC2 service.
  3. Select "Security Groups" from the sidebar.
  4. Locate the security group associated with your EKS cluster and make a note of its ID.

Step 2: Modify the security group rule:

  1. Select the appropriate security group from the list.
  2. Click on the "Inbound Rules" tab.
  3. Click the "Edit inbound rules" button.
  4. Add a new rule for CloudDefense by specifying the necessary port number and source IP range.
  5. Save the changes.

Conclusion:

By enforcing this rule, you restrict the AWS EKS cluster's security group to only allow essential traffic for CloudDefense. This ensures a more secure environment by preventing unauthorized access and potential security breaches.
