While granting an EKS pod IAM credentials is fairly straightforward, is it just as easy to trace an AWS event back to the pod that triggered it? Join us as we explore the complexities of pod identities within AWS. In this talk, we will present ongoing research on EKS role unchaining, focusing on a relevant attack path: jumping between AWS accounts using EKS clusters. Come and elevate your knowledge of Kubernetes identity and learn how to uncover the true source entities behind actions that take place within AWS accounts.

Based on my published article:
https://medium.com/@stavocha/eks-role-unchaining-tracing-aws-events-back-to-pods-for-enhanced-security-1697563d95a0