Securing Microservices in AWS EKS: Achieving Least Privilege Access with Foghorn’s Comprehensive Framework

One of Foghorn’s customers, a healthcare technology company specializing in electronic medical records (EMR), faced the intricate task of managing least privilege AWS access for microservices in AWS EKS (Elastic Kubernetes Service) across various healthcare applications.

Managing least privilege AWS access for microservices in AWS EKS (Elastic Kubernetes Service) across multiple mobile applications was a significant challenge faced by the company. To address this, Foghorn proposed a  microservice security strategy, ensuring the necessary access while adhering to the principle of least privilege. Their approach involved creating per-service IAM roles and service accounts for each microservice, automating the process through the use of Terraform.

In order to implement the solution effectively, a range of AWS services were recommended and integrated with the existing version control and CICD pipelines. This approach ensured a robust and cohesive design. The utilization of AWS IAM facilitated the management of access and permissions for the microservices, while AWS KMS provided secure key storage and encryption capabilities. The adoption of AWS EKS as the container orchestration platform ensured efficient management of microservices at scale. AWS S3 was utilized for seamless object storage, and AWS DynamoDB served as the reliable NoSQL database for data storage and retrieval requirements.

To further enhance the microservice security framework, Foghorn leveraged a selection of third-party solutions. Terraform, an infrastructure-as-code tool, played a pivotal role in automating the creation and management of microservice IAM roles and service accounts. Atlantis, a pull request automation tool, streamlined the review and approval process for infrastructure changes. By integrating Bitbucket, a web-based version control system, and Bitbucket Pipelines, a CI/CD platform, the deployment workflows were optimized. Kustomize, a Kubernetes-native configuration management tool, facilitated efficient management and customization of Kubernetes resources.

This framework proved to be scalable and adaptable to various microservices within the cluster, accommodating their unique AWS resource access requirements. The access was strictly scoped, ensuring that each microservice had precisely the necessary actions and resources available to them. This approach not only enhanced security but also minimized potential risks associated with broader permissions.

Throughout the project, valuable lessons were learned. One notable insight was the importance of adhering to the principle of least privilege when managing access for microservices. While it may seem convenient to rely on the EKS worker IAM Instance Profile and create a collective set of IAM permissions and resources for all pods, this approach is not considered best practice. Foghorn’s experience underscored the significance of granular access controls and scoped permissions to maximize security and maintain optimal governance.