Audited EKS Access

Building on the same proxy platform as our RDS proxy, Common Fate now supports audited access to AWS EKS clusters.

End users use the command `granted eks proxy` to connect to a cluster which adds an entry to their kubeconfig file.

Users can then use their regular Kubernetes tooling such as `kubectl` to perform operations on the cluster.

In Common Fate, a full audit trail of API actions is captured.

This new proxy also supports `kubectl exec` shell sessions. When a user starts a shell session, the proxy captures a full transcript of their session and makes this available for replay in the Common Fate Console.

‍

Improvements

• Administrators can now configure a default port for each database user in their terraform configuration when using the RDS Proxy. This port is used when running `granted rds proxy` and makes it easier to have a consistent configuration for multiple databases/users.

‍