Learn how Wiz's latest feature identifies outdated EKS clusters, helping organizations save millions on cloud spend. Find out how to optimize costs and reinvest savings in strategic initiatives.
Analysis Summary
# Main Topic
Identification and remediation of Amazon EKS (Elastic Kubernetes Service) clusters that run outdated Kubernetes versions under extended support, which leads to substantial, unnecessary cloud expenditure following recent changes to the AWS pricing structure.
## Key Points
- AWS implemented a revised pricing structure for EKS extended support (starting April 1, 2024), where clusters past the standard 14-month support period incur a higher cost of $0.60 per hour per cluster (up from $0.10).
- Wiz introduced a Cloud Configuration Rule within its Cost Optimization framework to specifically alert customers about EKS clusters in extended support versions.
- Potential annual savings are significant: Updating 100 outdated clusters saves approximately $438,000/year, while deleting them saves $525,000/year.
- The cumulative potential savings across Wiz's user base amount to tens of millions of dollars annually from addressing this single control.
## Threat Actors
- Not applicable. This summary pertains to cloud cost optimization and operational hygiene, not malicious threat actor activity.
## TTPs
- Not applicable. This context details cloud configuration oversight and financial inefficiency, not threat tactics, techniques, or procedures (TTPs).
## Affected Systems
- Amazon EKS (Elastic Kubernetes Service) clusters.
- Specifically, clusters running Kubernetes versions that have entered the extended support phase (past 14 months of standard support).
## Mitigations
- **Upgrade:** If the EKS cluster is actively used, upgrade it to a currently supported Kubernetes version to revert pricing back to standard rates.
- **Delete:** If the EKS cluster is not actively used, delete it immediately to eliminate the $0.60/hour charge.
- **Targeted Identification:** Utilize the Wiz Security Graph with a built-in query (for customers with the Kubernetes Connector) to specifically identify EKS clusters on extended support *that are not actively used*, prioritizing deletion candidates.
- **New Wiz Control:** Implement the built-in Cloud Configuration Rule: `EKS Cluster Kubernetes is on extended support (EKS-021)`.
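
The upgrade-or-delete decision above can be sketched as a small triage over a cluster inventory. This is an added example, not Wiz's rule or query: the `Cluster` record, the `node_count` "in use" signal and the version labels are constructed assumptions, and only the two hourly rates come from this page.

```python
from dataclasses import dataclass

# Rates stated on this page, kept in cents per cluster-hour to avoid float error.
EXTENDED_CENTS_PER_HOUR = 60
STANDARD_CENTS_PER_HOUR = 10
HOURS_PER_YEAR = 24 * 365


@dataclass
class Cluster:
    name: str
    version: str
    node_count: int  # hypothetical usage signal; substitute your own


def triage(clusters, extended_versions):
    """Split clusters into ok / upgrade (in use) / delete (idle) buckets."""
    plan = {"ok": [], "upgrade": [], "delete": []}
    for c in clusters:
        if c.version not in extended_versions:
            plan["ok"].append(c.name)
        elif c.node_count > 0:
            plan["upgrade"].append(c.name)
        else:
            plan["delete"].append(c.name)
    return plan


def annual_savings_usd(plan):
    """Upgrading saves the rate difference; deleting saves the full extended rate."""
    diff = EXTENDED_CENTS_PER_HOUR - STANDARD_CENTS_PER_HOUR
    cents = (len(plan["upgrade"]) * diff
             + len(plan["delete"]) * EXTENDED_CENTS_PER_HOUR) * HOURS_PER_YEAR
    return cents // 100


# Constructed inventory; the version labels are placeholders, not real releases.
# Take the real extended-support list from the current AWS EKS version calendar.
SAMPLE_EXTENDED = {"old-a", "old-b"}
SAMPLE = [
    Cluster("payments-prod", "old-a", node_count=12),
    Cluster("demo-2022", "old-b", node_count=0),
    Cluster("platform-prod", "current", node_count=30),
]

if __name__ == "__main__":
    plan = triage(SAMPLE, SAMPLE_EXTENDED)
    print(plan, annual_savings_usd(plan))
```

For 100 clusters the exact figures are $438,000 when all are upgraded and $525,600 when all are deleted, consistent with the approximate numbers under Key Points.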
## Conclusion
Organizations face escalating, unnecessary cloud expenditure due to running EKS clusters in the costly extended support bracket. Leveraging cloud configuration management tools like Wiz to proactively identify and remediate these outdated or unused clusters through targeted upgrading or deletion offers immediate financial savings that can be reinvested into strategic initiatives. This effort shifts the focus from purely security risks to operational and financial optimization.