Cloud / EKS

Kyverno policies for cloud-managed Kubernetes clusters, focused on AWS EKS and cloud controller security. They cover AWS EKS best practices, cloud controller configuration, and cloud-specific security controls for managed node groups.

What’s Covered

  • EKS best practices — Node group security, IAM roles for service accounts (IRSA)
  • AWS cloud controller — Policies for cloud controller manager configuration
  • Managed node group hardening — Enforce secure launch templates
  • IRSA enforcement — Require workloads to use IAM Roles for Service Accounts
  • EKS add-on validation — Ensure required add-ons are present and configured

All cloud and EKS policies are available in the Nirmata policy library on GitHub.