AWS Network Firewall Adds Container Attribute Rules
π Today AWS announced container attribute-based rules for AWS Network Firewall, allowing firewall policies to reference native container constructs like Namespace, Cluster Name, Labels for Amazon EKS, and Cluster Name and Container Instance Attributes for Amazon ECS. This removes the need for fragile IP-based rules that break when pods scale or restart and supports generative AI and other dynamic workloads. The feature supports TLS decryption, FQDN and URL category filtering, and GeoIP controls, and is available at no extra cost in supported regions.
