Improve Kubernetes intel module and EKS support

[ishaanverma]

i wanted to propose changes to the kubernetes intel module that improves the way the schema is structured and also adds support for linking it to AWS resources. so essentially any EKS cluster in AWS is a kubernetes cluster. making this change would allow us to run queries like "find all publicly exposed containers in an EKS cluster", "which containers have unencrypted EBS volumes", "what images are running on publicly exposed containers", etc.

currently our schema looks like A, but i think a better way to represent a kubernetes cluster would be B. in B, the yellow nodes indicate AWS resources

[ishaanverma]

technically, all resources belonging to a namespace would have the RESOURCE relation including pods, containers. i realize that's not explicitly shown on the diagram

[jychp]

Improving the K8S schema sounds like a solid move.

Also, the idea of linking AWS resources to K8S nodes is a great idea. It lines up really well with this suggestion around abstraction levels: #1460

Feels very aligned with the thinking we had in this thread too:
#1530 (comment)

After a bit of thought, here’s my take:

Stick as closely as possible to the source provider’s data model for the base nodes.
Introduce an abstraction layer only when we need to represent more generic concepts shared across multiple providers.

One thing to keep in mind though, in the AWS intel module, I’d suggest keeping a clean separation between ingesting AWS resources and creating/linking the corresponding K8S nodes. That'll help keep things modular and easier to maintain down the line.