Network misconfigurations

Default VPC is being used to launch an EKS cluster

Platform(s)
Compliance Frameworks
  • CCPA
  • cis_8
  • CPRA
  • HITRUST
  • iso_27001_2022
  • iso_27002_2022
  • K8s OWASP Top 10
  • mpa
  • New Zealand Information Security Manual
  • NIST 800-171
  • NIST 800-190
  • NIST 800-53
  • PDPA

Description

A default VPC is created automatically when you first provision related resources and is suitable for a quick start. It is used whenever an instance is launched without specifying a subnet. The EKS cluster {AwsEksCluster} was found to be launched in the default VPC. The default VPC comes with a default configuration that lacks the proper security controls. Your network should be deliberately configured and follow the principle of least privilege, meaning that only the necessary privileges are granted. The default VPC is therefore not suitable for this cluster.
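
One way to reproduce this check yourself, as an added example that is not the scanner's own code: it takes the parsed JSON output of `aws eks describe-cluster` and `aws ec2 describe-vpcs` and compares each cluster's `resourcesVpcConfig.vpcId` against the VPCs marked `IsDefault`. The cluster names, VPC IDs and subnet IDs are constructed placeholders, and the status labels are this example's own.

```python
"""Flag EKS clusters whose resourcesVpcConfig.vpcId points at a default VPC.

Inputs are the parsed JSON of:
  aws eks describe-cluster --name <cluster>   (one document per cluster)
  aws ec2 describe-vpcs                       (same region)
"""

# Constructed sample data; IDs and names are placeholders, not real resources.
SAMPLE_VPCS = {"Vpcs": [
    {"VpcId": "vpc-0aaa0000000000001", "IsDefault": True, "CidrBlock": "172.31.0.0/16"},
    {"VpcId": "vpc-0bbb0000000000002", "IsDefault": False, "CidrBlock": "10.20.0.0/16"},
]}
SAMPLE_CLUSTERS = [
    {"cluster": {"name": "dev-quickstart", "resourcesVpcConfig": {
        "vpcId": "vpc-0aaa0000000000001", "subnetIds": ["subnet-0a1", "subnet-0a2"]}}},
    {"cluster": {"name": "prod-payments", "resourcesVpcConfig": {
        "vpcId": "vpc-0bbb0000000000002", "subnetIds": ["subnet-0b1", "subnet-0b2"]}}},
    {"cluster": {"name": "shared-other-account", "resourcesVpcConfig": {
        "vpcId": "vpc-0ccc0000000000003", "subnetIds": ["subnet-0c1"]}}},
]


def audit_clusters(cluster_docs, vpcs_doc):
    """Return one finding per cluster: DEFAULT_VPC, OK, or UNKNOWN."""
    is_default = {v["VpcId"]: bool(v.get("IsDefault")) for v in vpcs_doc.get("Vpcs", [])}
    findings = []
    for doc in cluster_docs:
        cluster = doc["cluster"]
        vpc_id = cluster.get("resourcesVpcConfig", {}).get("vpcId")
        if vpc_id not in is_default:
            # VPC absent from the describe-vpcs output (other region or account,
            # or missing permissions): report it rather than assume it is fine.
            status = "UNKNOWN"
        elif is_default[vpc_id]:
            status = "DEFAULT_VPC"
        else:
            status = "OK"
        findings.append({"cluster": cluster["name"], "vpc_id": vpc_id, "status": status})
    return findings


if __name__ == "__main__":
    for f in audit_clusters(SAMPLE_CLUSTERS, SAMPLE_VPCS):
        print(f"{f['status']:<12} {f['cluster']} ({f['vpc_id']})")
```

A cluster reported as `UNKNOWN` needs the VPC list from the region or account that owns its VPC before it can be cleared.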