Category: Compute

Imaya Kumar Jagannathan, TP Kohli, and Michael Hausenblas In Using Prometheus Metrics in Amazon CloudWatch we showed you how to use the beta version of the Amazon CloudWatch supporting the ingestion of Prometheus metrics. Now that we made this feature generally available we explore its benefits in greater detail and show you how to use […]

This post was contributed by Charu Khurana, Senior Solutions Architect, and John Formento, Solutions Architect. Amazon Elastic Container Service (Amazon ECS) with the AWS Fargate launch type is a powerful, cloud native, container service that allows customers to create container-based workloads in a matter of minutes without managing the underlying infrastructure. Even with the serverless […]

Elasticity and cost have always been major factors in improving the operational efficiency of organizations, which in turn drives business transformation and agility. Elasticity is defined as the ability of the infrastructure (including application) to be able to seamlessly scale out and scale in based on the load. This is also called auto scaling. If […]

Introduction On July 9, 2020, we introduced AWS Copilot, a new command line interface (CLI) to build, release, and operate production ready containerized applications on Amazon Elastic Container Service (Amazon ECS) and AWS Fargate. In this post, we walk you through how to communicate between microservices with service discovery using  AWS Copilot. You can also refer to […]

Many enterprise customers adopt multi-account strategy to meet their business needs and at the same time reduce the security blast radius. Customers have had problems maintaining network topology because of constant growth and increased workloads. They can quickly run out of IP space while planning out the VPC Classless Inter-Domain Routing (CIDR). In this blog, […]

As organizations move to containers, there can be a sense that they are losing control or visibility of the software that is deployed to their environments. Historically, once a server is in production, a scanning tool runs on a regular basis to detect vulnerabilities on the operating system. Once a vulnerability is detected, an operations […]

This post was contributed by Greg Sterin, Senior Staff Software Engineer, Affirm. Affirm’s mission is to deliver honest financial products that improve lives. Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm’s Platform Engineering team […]

Jason Umiker If you are managing a Kubernetes cluster or you are a security professional responsible for one then you likely have heard that you should be implementing Kubernetes Pod Security Policies (PSPs) on the cluster in order to improve your security posture. Using PSPs can help to block pods from being disruptive to their […]

Updated Sept. 24, 2021 – This post has been amended to include a newly available option to integrate cert-manager with AWS Private CA to issue certificates. While working with customers on their projects, I often hear “I want to secure all my traffic with granular encryption-in-transit, close to application code, but decouple security from it.” […]

AWS customers love using managed services because they can offload the undifferentiated heavy lifting associated with deploying applications while they focus on innovating to support their business. Throughout the years, this is why so many customers have opted to use Amazon Elastic Beanstalk to deploy their software artifacts. Customers can pick a runtime environment, point […]