Vendor services misconfigurations

Minimize cluster access to read-only for Amazon ECR

Platform(s)
Compliance Frameworks
  • Brazilian General Data Protection (LGPD)
    • ,
  • CCPA
    • ,
  • CPRA
    • ,
  • Data Security Posture Management (DSPM) Best Practices
    • ,
  • EKS CIS
    • ,
  • GDPR
    • ,
  • iso_27001_2022
    • ,
  • iso_27002_2022
    • ,
  • Mitre ATT&CK
    • ,
  • PDPA
    • ,
  • UK Cyber Essentials

Description

The EKS Cluster Service Account only requires pull access to containers to deploy onto Amazon EKS. Restricting permissions follows the principles of least privilege and prevents credentials from being abused beyond the required role.
Need help?

Get a free Security Risk Assessment. Start today

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo