Amazon EKS enhances cluster governance with new IAM condition keys
News
This article announces seven new IAM condition keys for Amazon EKS cluster creation and configuration APIs, enhancing governance and security controls.
- Enforce private-only API endpoints for cluster access
- Require customer-managed KMS keys for secrets encryption
- Restrict clusters to approved Kubernetes versions
- Mandate deletion protection for production workloads
- Specify control plane scaling tiers
- Enable zonal shift capabilities for high availability
- Integrate with AWS Organizations SCPs for centralized governance
- Available in all AWS Regions at no additional charge
These new condition keys enable organizations to enforce consistent security and compliance policies across multi-account environments without manual intervention.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
May 1
2026
2026
Amazon EKS now supports one-click cluster access through CloudShell
Feb 26
2025
2025
Amazon ECS adds support for additional IAM condition keys
Dec 1
2024
2024
Streamline Kubernetes cluster management with new Amazon EKS Auto Mode
Mar 27
2025
2025
Amazon EKS now enforces upgrade insights checks as part of cluster upgrades
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.