Chainguard EKS add-ons enable teams to reduce the time, effort, and operational overhead required to deploy and maintain compliant infrastructure

KIRKLAND, Wash., April 30, 2026 /PRNewswire/ — Chainguard, the trusted source for open source, today announced the availability of five core Amazon Elastic Kubernetes Service (EKS) add-ons in AWS Marketplace. These add-ons incorporate the same hardened, FIPS-validated container images that Chainguard delivers for customers today. By integrating into AWS-native workflows, they enable teams in highly regulated industries to deploy and maintain compliant infrastructure more efficiently. With this move, Chainguard is now the only third-party provider delivering zero-known-CVE, FIPS 140-3 validated EKS add-on images in AWS Marketplace, providing a drop-in option for teams that manage their own add-on lifecycle.

Addressing compliance in EKS infrastructure

The threat landscape has fundamentally shifted with AI surfacing vulnerabilities faster than maintainers can patch them, and nation-state actors increasingly targeting the software supply chain. Organizations running EKS and working toward FedRAMP and FIPS 140-3 requirements need core components that meet security and compliance standards. For organizations that require FIPS-validated add-on container images and manage their own EKS node groups, obtaining compliant components has meant custom integration work and ongoing maintenance overhead. While EKS Auto Mode provides a fully managed path with FIPS-compatible infrastructure, enterprises that desire granular control over individual add-ons have lacked a frictionless marketplace option until now.

“Organizations in highly regulated industries that need FIPS-validated container images for their EKS add-ons have faced a difficult tradeoff between custom hardening work and adopting a fully managed approach,” said Patrick Donahue, Senior Vice President of Product, Chainguard. “Chainguard’s EKS add-ons bring the same zero-known-CVE, FIPS-validated images our customers rely on into the AWS-native procurement path so security teams get what they need without slowing developers down.”

Built for EKS and hardened from the start

Chainguard EKS add-ons in AWS Marketplace provide a supported, compliant, and developer-friendly path to secure EKS infrastructure. The five EKS add-ons now available through Chainguard include:

• kube-proxy: Network rules on each node for Service connectivity;
• CoreDNS: Cluster-internal DNS resolution;
• VPC CNI: Pod networking using AWS VPC-native IP addresses;
• EBS CSI: Amazon EBS volume provisioning for pods;
• EFS CSI: Amazon EFS file system access for pods.

Chainguard Containers: Minimal by design and compliant by default

Chainguard offers the industry’s largest catalog of more than 2,300 hardened container images. Chainguard Containers are continuously rebuilt from source and contain only what is necessary to run, delivering zero known CVEs, high-quality SBOMs, and verifiable signatures out of the box. The result is a dramatically smaller attack surface, with FIPS-validated variants meeting the cryptographic module requirements mandated by FedRAMP, HIPAA, PCI-DSS, and other regulatory frameworks.

Chainguard EKS add-ons are available through AWS Marketplace today. Security and platform teams can now adopt Chainguard’s hardened images without changing their existing EKS workflows or procurement processes. For more information, visit: https://aws.amazon.com/marketplace/seller-profile?id=45c2a1e6-2f03-4b9f-80ad-6591bdb6fd4d

About Chainguard
Chainguard is the trusted source for open source. By delivering hardened, secure, and production-ready builds of all the open source software engineers and AI agents rely on, Chainguard helps organizations build faster, stay compliant, and eliminate risk. Its customers include Fortune 500 enterprises and global industry leaders, including Anduril, Canva, Fortinet, Hewlett Packard Enterprise, OpenAI, Snap Inc., and Snowflake. Chainguard is venture-backed by leading investors, including Amplify, IVP, Kleiner Perkins, Lightspeed Venture Partners, Mantis VC, Redpoint Ventures, Sequoia Capital, and Spark Capital. For more information, visit: https://www.chainguard.dev/ 

View original content to download multimedia:https://www.prnewswire.com/news-releases/chainguard-brings-fips-validated-zero-cve-eks-add-ons-to-aws-marketplace-302758188.html

SOURCE Chainguard