Category: Compute

AWS App Runner now integrates with AWS Secrets Manager and AWS Systems Manager Parameter Store

AWS App Runner makes it easy to run web applications and APIs at production scale. It enables you to build, deploy, run, and observe web applications without the burden associated with infrastructure management. Many such applications externalize the storage of URLs, API keys, usernames, database secrets, and configuration parameters. Starting today, App Runner allows you to […]

Blue/Green or Canary Amazon EKS clusters migration for stateless ArgoCD workloads

Introduction Organizations use modern application development approaches, such as microservices, to increase innovation, performance, security, and reliability. However, when working with legacy deployment systems, it can be difficult to maintain a fast deployment pace while maintaining control and security over each deployment. As a result, customers often turn to orchestration systems like Amazon Elastic Container […]

Automate rollbacks for Amazon ECS rolling deployments with CloudWatch alarms

Introduction Amazon ECS now offers native support for monitoring and automatically reacting to changes during a rolling update by using Amazon CloudWatch metric alarms. This enables customers to easily automate discovery and remediation for failed deployments and minimize the performance and availability impacts. Customers can configure Amazon CloudWatch alarms for their rolling updates using the […]

Deploy geo-distributed Amazon EKS clusters on AWS Wavelength

Introduction In December 2019, we announced AWS Wavelength, new AWS infrastructure that allows customers to deploy workload closer to 5G-connected users and devices. Customers can now use AWS Wavelength to deploy Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon Elastic Kubernetes Service (Amazon EKS) clusters and a suite of supported partner solutions available on the […]

Amazon EKS add-ons: Advanced configuration

This post is a follow-up to our previous post, Amazon EKS add-ons preserve customer edits. Introduction In October 2022, the Amazon Elastic Kubernetes Service (Amazon EKS) add-ons team introduced the ability to preserve edits, enabling customers to safely modify the configuration of Amazon EKS add-ons by using the Kubernetes application programming interface (API). This enhancement […]

Expose Amazon EKS pods through cross-account load balancer

Introduction Amazon Elastic Kubernetes Service (Amazon EKS) is a managed container service to run and scale Kubernetes applications in the cloud or on-premises. Kubernetes Ingress is an API resource that allows you manage external or internal HTTP(S) access to Kubernetes services running in a cluster. The AWS Load Balancer Controller in Amazon EKS creates Application […]

Announcing upcoming changes to the Amazon ECS console

Today, we’re excited to announce that the new Amazon Elastic Container Service (Amazon ECS) console becomes the default starting January 2023. The new console makes it easier to deploy containerized applications, configure load balancing, networking, monitoring, and gives you the new workflows for the effective operations and troubleshooting. Since its launch at re:Invent 2014, Amazon […]

Blue/Green Kubernetes upgrades for Amazon EKS Anywhere using Flux

Introduction Amazon EKS Anywhere (Amazon EKS-A) allows customers to run containerized workloads on customer-managed hardware. Amazon EKS-A cluster upgrades are performed in place using a rolling process (similar to Kubernetes Deployments). Upgrades can only happen one minor version at a time (e.g., version 1.20 to 1.21) and Control plane components will be upgraded before worker […]

Windows Authentication on Amazon EKS Windows pods

Per Microsoft documentation: Windows-based networks commonly use Active Directory (AD) to facilitate authentication and authorization between users, computers, and other network resources. Enterprise application developers often design their apps to be AD-integrated and run on domain-joined servers to take advantage of Integrated Windows Authentication, which makes it easy for users and other services to automatically […]

Managing access to Amazon Elastic Kubernetes Service clusters with X.509 certificates

Managing access to Amazon Elastic Kubernetes Service clusters with X.509 certificates

Introduction Currently, customers are given two main options for end users to access Amazon Elastic Kubernetes Service (Amazon EKS) clusters when using utilities like kubectl – AWS Identity and Access Management (AWS IAM), or OpenID Connect (OIDC). However, some customers leverage X.509 certificates to authenticate their end-users for access to Amazon EKS clusters, especially those […]