By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AWS EKS/AWS Inspector and Package Vulnerability

0

Hi,

If I have an EKS managed node group with EC2 instances and some package vulnerabilities. What is the best approach to fix the issues with Package Vulnerabilities? And second question, if I update EKS cluster the EC2 instances are update as well, should I then again fix the package vulnerabilities?

Thank you, M

Topics
Security, Identity, & ComplianceComputeContainersAWS Well-Architected Framework
Tags
Security, Identity, & ComplianceHigh Performance ComputeAmazon EC2Amazon Elastic Kubernetes ServiceSecurity
Language
English
profile picture
myronix88
asked 10 months ago591 views
1 Answer
0
Accepted Answer

The vulnerabilities can be fixed by upgrading the nodes to the latest or specific aws-eks-ami version which fixes the mentioned CVE ID. There could be some false positives as well that even after upgrading the vulnerabilities still persists which can be acknowledged or ignored.

AWS
Kumudhan Cherarajan
answered 10 months ago
  • myronix88
    10 months ago

    You mean it's AWS responsibility to fix package vulnerabilities when I update EKS manage node group version?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content