Check if EKS clusters are exposed to the internet.
EKS clusters exposed to the internet are vulnerable to unauthorized access, potential data loss, and increased cyberattack risks. Securing access to the EKS API server, worker nodes, and associated resources by configuring security groups, NACLs, and using private subnets is essential for minimizing exposure.
Restrict public access to the EKS API server and worker nodes by ensuring proper configuration of API endpoint access, security groups, and NACLs. Utilize private subnets and NAT gateways where appropriate for worker node traffic.