The CIS for Amazon Elastic Kubernetes Service (EKS) benchmark helps to assess the security configuration of Amazon EKS clusters, and makes sure nodes and applications are configured securely to meet security and compliance requirements. It was created from the CIS Kubernetes benchmark and with the input of the community around specific configuration considerations for EKS clusters, as the CIS Kubernetes benchmark does not sufficiently cover the different configuration mechanisms used by Amazon EKS and may result in false positive errors.

Compliance checks for Amazon Web Services

Ensure EKS Private access is enabled
Ensure Kubernetes API servers are not publicly accessible
Ensure AWS EKS cluster has secrets encryption enabled
Ensure EKS Public access is disabled