Add your Amazon EKS clusters

You can add Amazon EKS clusters to AWS accounts you have added to Sophos Cloud Optix.

Sophos Cloud Optix will provide additional detailed inventory information for your Amazon Elastic Kubernetes Service (Amazon EKS) clusters, and additional security checks against your EKS configuration.

You can add other AWS environments to Sophos Cloud Optix in many ways. You must add EKS clusters with this method.

Before you can add EKS clusters to your environments, you need to:

  • Install AWS CLI (version 1.16.96 or higher) on a Linux or Mac computer.
  • Install AWS IAM Authenticator for Kubernetes for authentication to your EKS cluster.
  • Install the kubectl utility to communicate with the cluster API server (select the version that corresponds to your EKS cluster).
  • Ensure that the AWS account that you're using to add the cluster to Sophos Cloud Optix has permissions in the EKS cluster.
  • Ensure that Endpoint Public Access is enabled.

Running the Sophos script creates a read-only service account in your EKS cluster, and adds the cluster to your Sophos Cloud Optix console.

  1. Click Settings > Environments > Add new Environment
  2. Under Enable features for existing environments select Add Amazon EKS clusters.
  3. Download the Sophos Cloud Optix script.
  4. Run the script.