Mountpoint for Amazon S3 CSI driver introduces new access controls for individual Kubernetes pods
Share
Services
The Mountpoint for Amazon S3 Container Storage Interface (CSI) driver now supports configuring distinct [AWS Identity and Access Management (IAM)](https://aws.amazon.com/iam/) roles for individual Kubernetes pods. Built on [Mountpoint for Amazon S3](https://aws.amazon.com/s3/features/mountpoint/), the CSI driver presents an S3 bucket as a volume accessible by containers in Amazon Elastic Kubernetes Service (Amazon EKS) and self-managed Kubernetes clusters. Now, you can use IAM roles for each pod to restrict access to specific buckets or objects, without making changes to your applications.
Previously, you could configure an IAM role that the CSI driver used for all pods in your Kubernetes cluster. With this launch, you can further strengthen your application security when building multi-tenant environments by configuring the CSI driver to use individual IAM roles for each pod that attaches a volume. This means that you can run data-intensive jobs, like machine learning or media transcoding, across multiple pods while allowing each pod to access only the data it needs, providing data isolation between pods as a result.
Amazon EKS supports the Mountpoint for Amazon S3 CSI driver as an EKS add-on. You can install, configure, and update the CSI driver with just a few clicks in the Amazon EKS console, AWS Command Line Interface (AWS CLI), EKS Application Programming Interface (API), and AWS CloudFormation. To get started, follow the [user guide](https://docs.aws.amazon.com/eks/latest/userguide/s3-csi.html).
What else is happening at Amazon Web Services?
Amazon AppStream 2.0 users can now save their user preferences between streaming sessions
December 13th, 2024
Services
Share
AWS Elemental MediaConnect Gateway now supports source-specific multicast
December 13th, 2024
Services
Share
Amazon EC2 instances support bandwidth configurations for VPC and EBS
December 13th, 2024
Services
Share
AWS announces new AWS Direct Connect location in Osaka, Japan
December 13th, 2024
Services
Share
Amazon DynamoDB announces support for FIPS 140-3 interface VPC and Streams endpoints
December 13th, 2024
Services
Share