{"slug":"iam-aws-eks","cloud":"aws","service":"eks","title":"AWS EKS (IAM)","description":"Amazon Elastic Kubernetes Service (EKS) is a managed Kubernetes service for running containerized applications in the AWS cloud and on-premises.","category":"compute","common_permissions":["eks:ListClusters","eks:DescribeCluster","eks:ListNodegroups","eks:DescribeNodegroup","eks:ListAddons","eks:DescribeAddon","eks:ListUpdates","eks:TagResource"],"least_privilege_example":"{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"eks:ListClusters\",\n        \"eks:DescribeCluster\",\n        \"eks:ListNodegroups\",\n        \"eks:DescribeNodegroup\",\n        \"eks:ListAddons\",\n        \"eks:DescribeAddon\",\n        \"eks:ListUpdates\",\n        \"eks:TagResource\"\n      ],\n      \"Resource\": \"*\"\n    }\n  ]\n}","warnings":["Avoid eks:* — grants full control including cluster and nodegroup deletion","Avoid eks:CreateAccessEntry unless needed — can grant Kubernetes access to unauthorized users"],"docs":"https://servicereference.us-east-1.amazonaws.com/v1/eks/eks.json","tags":["iam","aws"],"last_verified":"2026-06-14T00:00:00.000Z","next_check":"2026-12-11T00:00:00.000Z","created_at":"2026-06-14T04:48:55.212Z","updated_at":"2026-06-14T04:48:55.212Z"}