Is AWS Fargate EKS Container to Container communication encrypted at the network level?
I see that ephemeral drives are now encrypted but is network communications between containers encrypted, say for HIPAA compliance. Looking specifically at Serverless Fargate with Kubernetes pods. A google of "fargate kubernetes network encryption" did not seem return relevant results, it was all about the ephemeral drives. If it is not, is there a way to do it?
Update:
I just found something that said you can set up a CNI but it wasn't 100% clear to me that that's possible with Fargate EKS.
Container to Container traffic is not encrypted by default in AWS ECS, Fargate or AWS EKS. Typically an add-on called a service mesh is responsible for this part of a cluster. The most famous service mesh implementation is Istio but Amazon has its manages service AWS App Mesh.
That said, a service mesh is an abstract name that does not mean much, so not all service mesh implementation does have support for encrypted traffic.
I don't have extensive experience with AWS Fargate. But it looks like AWS App Mesh support Fargate and AWS App Mesh have support for Transport Layer Security and in preview channel also mutual TLS authentication and this is both encrypted traffic with authentication and you can typically configure authorization as well (e.g. what app is allowed to communicate with what app).