A security team is performing an audit of a company's AWS deployment. The security team is concerned that two applications might be accessing resources that should be blocked by network ACLs and security groups. The applications are deployed across two Amazon Elastic Kubernetes Service (Amazon EKS) clusters that use the Amazon VPC Container Network Interface (CNI) plugin for Kubernetes. The clusters are in separate subnets within the same VPC and have a Cluster Autoscaler configured.
The security team needs to determine which POD IP addresses are communicating with which services throughout the VPC. The security team wants to limit the number of flow logs and wants to examine the traffic from only the two applications.
Which solution will meet these requirements with the LEAST operational overhead?
rhinozD
Highly Voted 1 year, 4 months agojohnconnor
1 year, 1 month agoNeo00
1 year, 2 months agoILOVEVODKA
Highly Voted 1 year, 6 months agoJonalb
Most Recent 3 months, 1 week agovikasj1in
7 months, 1 week agomarfee
7 months, 2 weeks agojopaca1216
10 months, 2 weeks agoArad
10 months, 4 weeks agoneotusca
11 months, 1 week agoCertified101
1 year, 1 month ago[Removed]
1 year, 2 months ago[Removed]
1 year, 2 months agoAdamWest
1 year, 4 months agoconfusedyeti69
8 months, 2 weeks agoAdamWest
1 year, 4 months agoChinmoy
1 year, 4 months agosjoe
1 year, 5 months agoKristin01
1 year, 4 months agodremm
1 year, 5 months agosudipta0007
9 months, 1 week agothat1guy
1 year, 5 months agothat1guy
1 year, 5 months agolinuxek21
1 year, 5 months agostudy_aws1
1 year, 4 months agoITgeek
1 year, 5 months ago