Amazon EKS Pod Identity now offers streamlined cross-account access for Kubernetes applications, allowing pods to access AWS resources in different accounts without complex configurations. The feature simplifies the process by enabling users to specify both source and target IAM roles during Pod Identity association creation, leveraging IAM role chaining for seamless access to resources like S3 and DynamoDB.

AWS EventBridge's cross-account capabilities can introduce significant security vulnerabilities if not configured properly, allowing attackers to infiltrate or exfiltrate data. The article outlines various attack patterns, including persistent beaconing, command and control, and reconnaissance, highlighting the stealthy nature of these threats and the importance of securing EventBridge configurations. Practical guidance for mitigating these risks is also provided.

AWS Cloud Map now supports cross-account service discovery by integrating with AWS Resource Access Manager, allowing organizations to manage and discover resources across multiple AWS accounts. This enhancement simplifies resource sharing and service discovery while promoting consistency and reducing duplication in multi-account architectures. The feature is accessible in all commercial AWS Regions through various management tools.