Amazon EKS introduces enhanced network policy capabilities
Containers Blog
This article announces enhanced network policy capabilities for Amazon EKS, including Admin Network Policies and Application Network Policies for improved cluster-wide security control.
- Admin Network Policies enable cluster administrators to set cluster-wide security rules that cannot be overridden
- Application Network Policies allow filtering pod traffic using domain names instead of IP addresses
- Admin Tier policies are evaluated first, followed by standard NetworkPolicies, then Baseline Tier rules
- Application Network Policies operate at OSI layer 7, supporting FQDN-based filtering for external resources
- Ideal for cloud-to-on-premises communication and SaaS service access scenarios
- Requires Kubernetes 1.29 or later; available in new EKS clusters with existing cluster support coming soon
- DNS-based policies are exclusive to EKS Auto Mode clusters
These enhancements provide centralized security controls and simplified management of pod egress traffic through domain name filtering, reducing operational complexity.