Links

AWS - EKS Enum

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:

EKS

Amazon Elastic Kubernetes Service (Amazon EKS) is designed to eliminate the need for users to install, operate, and manage their own Kubernetes control plane or nodes. Instead, Amazon EKS manages these components, providing a simplified way to deploy, manage, and scale containerized applications using Kubernetes on AWS.
Key aspects of Amazon EKS include:
  1. 1.
    Managed Kubernetes Control Plane: Amazon EKS automates critical tasks such as patching, node provisioning, and updates.
  2. 2.
    Integration with AWS Services: It offers seamless integration with AWS services for compute, storage, database, and security.
  3. 3.
    Scalability and Security: Amazon EKS is designed to be highly available and secure, providing features such as automatic scaling and isolation by design.
  4. 4.
    Compatibility with Kubernetes: Applications running on Amazon EKS are fully compatible with applications running on any standard Kubernetes environment.

Enumeration

aws eks list-clusters
aws eks describe-cluster --name <cluster_name>
# Check for endpointPublicAccess and publicAccessCidrs
aws eks list-fargate-profiles --cluster-name <cluster_name>
aws eks describe-fargate-profile --cluster-name <cluster_name> --fargate-profile-name <prof_name>
aws eks list-identity-provider-configs --cluster-name <cluster_name>
aws eks describe-identity-provider-config --cluster-name <cluster_name> --identity-provider-config <p_config>
aws eks list-nodegroups --cluster-name <c_name>
aws eks describe-nodegroup --cluster-name <c_name> --nodegroup-name <n_name>
aws eks list-updates --name <name>
aws eks describe-update --name <name> --update-id <id>

Post Exploitation

References

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks: