Compliance Oriented Kubernetes for Amazon EKS. Set up machine images that are compliance oriented for PCI/HIPAA/SOC2 and set up clusters using Terraform.
- Encrypted Root Volume
- OSSEC: File System Monitoring for Changes.
- Logging via LogDNA
- Build Public Image on All Regions
- 2FA Login with Duo
- Third Party
aws_secret_key with the
To actually build the image run the following:
```
packer build image.json
```
To use this image with kops you need to pass in the AMI name listed.
An example .auto.tfvars file is below:

```
foxpass_api_key = "<foxpass_api_key>"
cluster-name = "<name>"
ec2_keypair = "<keypair>"
```
In order to set up the bastion, you need to download the private key and have it in the repository.
You can pass the environment variables CLOUDWATCH_AWS_SECRET_ACCESS_KEY to push metrics into AWS CloudWatch. To do so, make sure that the key has permissions to:
- cloudwatch:PutMetricData
- cloudwatch:GetMetricStatistics
- cloudwatch:ListMetrics
- ec2:DescribeTags
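One way to grant exactly the four actions listed above, as an added Terraform example that is not part of this project's code. The variable and resource names are assumptions, and the namespace is a placeholder you must set to the one your metrics are actually published under.

```hcl
# Added example; variable and resource names are assumptions, not the project's.
variable "metrics_user" {
  description = "Existing IAM user whose access key is passed to the nodes"
  type        = string
}

variable "metrics_namespace" {
  description = "CloudWatch namespace the metrics are published to (placeholder)"
  type        = string
}

data "aws_iam_policy_document" "cloudwatch_metrics" {
  # PutMetricData has no resource-level permissions, so writes are scoped
  # to a single namespace with the cloudwatch:namespace condition key.
  statement {
    sid       = "PutMetricsInOneNamespace"
    actions   = ["cloudwatch:PutMetricData"]
    resources = ["*"]

    condition {
      test     = "StringEquals"
      variable = "cloudwatch:namespace"
      values   = [var.metrics_namespace]
    }
  }

  # These read-only actions do not support resource-level permissions,
  # so "*" is required here.
  statement {
    sid = "ReadMetricsAndTags"
    actions = [
      "cloudwatch:GetMetricStatistics",
      "cloudwatch:ListMetrics",
      "ec2:DescribeTags",
    ]
    resources = ["*"]
  }
}

resource "aws_iam_policy" "cloudwatch_metrics" {
  name   = "node-cloudwatch-metrics"
  policy = data.aws_iam_policy_document.cloudwatch_metrics.json
}

resource "aws_iam_user_policy_attachment" "cloudwatch_metrics" {
  user       = var.metrics_user
  policy_arn = aws_iam_policy.cloudwatch_metrics.arn
}
```

If the namespace in the condition does not match the one the metrics are sent to, PutMetricData calls are denied, so confirm the namespace before applying.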
Project by opsZero
This project is brought to you by opsZero. We provide Kubernetes and AWS Lambda Migration. If you need help with your Kubernetes Migration, reach out.
This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.