EKS control plane and data plane

Amazon EKS operates a control plane that handles the AWS API calls responsible for high-level cluster management (such as eks:CreateCluster and eks:UpdateClusterConfig). That control plane is not covered in detail in this document; instead, this document focuses on the cluster-specific Kubernetes control plane and data plane. For information about securing the AWS APIs for cluster management, see the Security best practices in IAM guide.

Figure 2: Security Overview covered content

Topics

Amazon EKS control plane
EKS Auto Mode data plane
Workloads

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AWS Shared Security Responsibility Model

Amazon EKS control plane