EKS Network Load Balancer Port Probing

Hi,

I set up an EKS cluster using an NLB. It's currently working fine but the security group creates rules that open some ports to internet. The instances behind the security group are being probed every day and GuardDuty sends alerts notifying that I have unprotected ports. Documentation says that Amazon EKS adds one inbound rule to the node's security group for client traffic and one rule for each load balancer subnet in the VPC for health checks for each Network Load Balancer. I'm not sure if this indeed is a normal behavior because I get the alarms from GuardDuty every time I turn on the cluster. Do I need to setup additional configuration to secure those ports being probed?

Thanks

Topics

Security, Identity, & Compliance Containers

Relevant content

Run SMTP server EKS and export port 25 via NLB load balancer
pettman
asked a year ago
AWS EKS Internal Network load balancer (NLB) timed out while trying to connect from underlying eks worker node
rePost-User-7557691
asked 2 years ago
My Network Load Balancer is not enforcing the target Security group
colmos
asked 5 years ago
how to create multiple ingress port on Amazon EKS using single Application Load Balancer
AWS-User-7785012
asked 2 years ago
How do I set up an Application Load Balancer through the AWS Load Balancer Controller on an Amazon EC2 node group in Amazon EKS?
AWS OFFICIALUpdated 3 months ago
How do I troubleshoot load balancers created by the Kubernetes service controller in Amazon EKS?
AWS OFFICIALUpdated a year ago
How do I set up the AWS Load Balancer Controller on an Amazon EKS cluster for Fargate and then deploy the 2048 game?
AWS OFFICIALUpdated 2 months ago
How do I create an Amazon EKS cluster and node groups that don't require access to the internet?
AWS OFFICIALUpdated 2 years ago
Launch announcement: Network Load Balancer now supports security groups
EXPERT
zobAWS
published 9 months ago
Network Load Balancer (NLB) troubleshooting guide
EXPERT
Alok Srivastava
published 7 months ago