Authored by Anjali Shukla & Divyanshu Shukla for kubernetesvillage community.
The AWS EKS Red Team Masterclass - From Exploitation to Defense is an immersive workshop designed to take participants through real-world scenarios of attacking and defending Kubernetes clusters hosted on AWS EKS.
This workshop provides a comprehensive approach, from understanding the anatomy of attacks on EKS clusters to deploying robust defense mechanisms. Participants will learn how to exploit misconfigurations and vulnerabilities within AWS EKS, followed by the implementation of best security practices to safeguard the environment. Key Takeaways:
- Hands-on labs focused on exploiting EKS misconfigurations.
- Techniques for lateral movement, privilege escalation, and post-exploitation in AWS EKS.
- Deep dive into securing AWS EKS clusters by leveraging IAM roles, Kubernetes RBAC, and network policies.
- Best practices for automating vulnerability detection and defense mechanisms in AWS EKS environments.
This workshop is tailored for security professionals, cloud engineers, and DevOps teams looking to enhance their understanding of offensive and defensive Kubernetes security strategies.
- ❗ Gmail Account
- Gmail account to access the documentation.
- 🔧 GitHub Codespace Setup
- Set up GitHub for Codespace so that the lab can be configured & deployed.
- 🔑 Bring Your Own AWS Account
- Participants are required to bring an AWS account with billing enabled and admin privileges.
- 💻 Laptop with Browser
- Laptop with an updated browser (Administrative Privileges if required).
Reach out in case of missing credits.
- Kubernetes Architecture
- Credits for image: Offensive Security Say – Try Harder!
- madhuakula
- vulhub
- Amazon EKS Security Immersion Day
- eksworkshop.com - GuardDuty Log Monitoring
- Kubernetes Architecture
- Tech Blog by Anoop Ka - Kyverno
- Microsoft Attack Matrix for Kubernetes
- Datadog Security Labs - EKS Attacking & Securing Cloud Identities
- HackTricks AWS EKS Enumeration
- AWS EKS Best Practices
- Amazon EMR IAM Setup for EKS
- AWS EKS Pod Identities
- Anais URL - Container Image Layers Explained
- GitLab - Beginner’s Guide to Container Security
- Wiz.io Academy - What is Container Security
- JFrog Blog - 10 Helm Tutorials
- Datadog Security Labs - EKS Cluster Access Management
- ChatGPT - For Re-phrasing & Re-writing
- Okey Ebere Blessing - AWS EKS Authentication & Authorization
- Microsoft Blog - Attack Matrix for Kubernetes
- Subbaraj Penmetsa - OPA Gatekeeper for Amazon EKS
- Open Policy Agent GitHub
- OPA Gatekeeper Documentation
- Gatekeeper Library on GitHub
- CDK EKS Blueprints - OPA Gatekeeper
- AWS EKS Documentation
- Datadog Security Labs - EKS Attacking & Securing Cloud Identities
- Cloud HackTricks Kubernetes Enumeration
- Attacking & Defending Kubernetes training