Category: Compute

Earlier this year we announced the general availability of App Runner VPC support. This feature enabled your services to communicate with databases and other applications hosted in an Amazon Virtual Private Cloud (Amazon VPC). Today, we released App Runner private services, and now customers can strengthen the security posture of their applications and meet their […]

Introduction Customers are moving to cloud thanks to its scalability and cost-effectiveness. Some are adopting Kubernetes to modernize their workloads for a more agile way to iterate and deliver time-to-market services or product features to their customers. As the number of clusters to be managed increases, customers struggle with different deployment mechanisms and application programming […]

Introduction Securely adopting Kubernetes includes preventing unwanted changes to clusters. Unwanted changes can disrupt cluster operations and even compromise cluster integrity. Introducing pods that lack correct security configurations is an example of an unwanted cluster change. To control pod security, Kubernetes provided Pod Security Policy (PSP) resources. PSPs specify a set of security settings that […]

This post was co-written by Shimon Tolts, CEO and Co-Founder, Datree. Introduction On July of 2020, we introduced the beta version of cdk8s+, a high-level intent driven application programming interface (API) designed to simplify Kubernetes resource configuration. Since its release, we’ve been working on adding capabilities and collecting feedback from our customers. Today, we’re happy […]

Introduction Bottlerocket is a security focused operating system (OS) image that provides out-of-the-box security options to protect host or worker nodes. While Bottlerocket is useful, the security of the pods and the containers is still the responsibility of the application developer or provider. KubeArmor, a CNCF (Cloud Native Computing Foundation) sandbox project, is a runtime […]

Introduction Amazon Elastic Container Registry (Amazon ECR) is a fully managed container registry offering high-performance hosting, so you can reliably deploy application images and artifacts anywhere. It stores container images and artifacts that deploy application workloads across AWS services as well as non-AWS environments. Amazon ECR is a regional service, where each Region in each […]

Introduction As part of AWS re:Invent 2020, the Amazon Elastic Kubernetes Service (Amazon EKS) Team announced the release of Amazon EKS add-ons. The addition of add-ons was driven by customer feedback and a desire to simplify the management of commonly used operational software. With add-ons, you can configure, deploy, and update operational software, which provides […]

Updated Oct. 19, 2022: Amazon ECR’s Enhanced Scanning, powered by AWS Inspector, now supports scanning zstd compressed container images AWS Fargate is a serverless compute engine for containerized workloads running on Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS). Once a containerized workload has been scheduled by a container orchestrator, […]

Introduction Many customers use Amazon Elastic Kubernetes Service (Amazon EKS) to host their mission-critical applications. As a best practice, we ask our customers to spread their applications across multiple distinct availability zones (AZ). Because “everything fails all the time,” Werner Vogel, CTO, Amazon To achieve high availability, customers deploy Amazon EKS worker nodes (Amazon EC2 […]

Click here for the full schedule of AWS events at KubeCon + CloudNativeCon North America 2022 Amazon Web Services (AWS) is headed to Detroit, Michigan for KubeCon + CloudNativeCon North America 2022. We are thrilled to connect with the Open Source community in person to share what we’ve been working on, and learn about how […]