Containers
Category: Learning Levels
Introducing OIDC identity provider authentication for Amazon EKS
Today, we introduced user authentication for Amazon EKS clusters from an OpenID Connect (OIDC) Identity Provider (IDP). This feature allows customers to integrate an OIDC identity provider with a new or existing Amazon EKS cluster running Kubernetes version 1.16 or later. The OIDC IDP can be used as an alternative to, or along with AWS […]
Read MoreAccelerate modernization of your application using App2Container
Introduction Many enterprises want to modernize their existing applications and containerize them to minimize disruptions that could stem from clunky, outdated and unscalable legacy systems. These enterprises need tools to simplify the containerization process of existing Java and .NET applications and increase operational efficiency, harmonize CI/CD processes, and increase agility. AWS App2Container (A2C) enables companies […]
Read MoreService connectivity inside and outside the mesh using AWS App Mesh (ECS/Fargate)
AWS Customer: We want to pursue service mesh and establish a separate application-networking layer for efficiently handling our microservices applications. However, we want to meshify only a subset of our microservices and gradually add other services to the mesh as we get comfortable with the configurations. What are the recommended approaches to handle service to […]
Read MoreBuilding serverless admission webhooks for Kubernetes with AWS SAM
Authors: Simon Woldemichael, Associate Solutions Architect, WWPS Solution Architecture Josh Jiang, Associate Cloud Developer, Professional Services Shared Delivery Teams Learning Level: 300 Controlling resource deployments in your Kubernetes cluster can become a difficult challenge. For instance, pushing changes to a production environment can run the risk of installing an incompatible package or vulnerable dependency that […]
Read MoreEnable traffic encryption between services in AWS App Mesh using AWS Certificate Manager or customer-provided certificates
Today, we announce the general availability of an AWS App Mesh feature that enables traffic encryption between services using AWS Certificate Manager (ACM) or customer-provided certificates. We sought feedback from our customers last year through the AWS App Mesh roadmap issues #38 and #39 and the features were made available on the AWS App Mesh […]
Read MoreAccess Logging Made Easy with AWS App Mesh and Fluent Bit
I’ve found that the term microservices can have different meanings and benefits depending on who you talk to. However, the one benefit where I’ve typically found consensus is that microservices allow your teams to have the freedom to choose the best tool for each job. Meaning, microservices architectures shouldn’t follow a “one size fits all” […]
Read MoreAWS CodeDeploy now supports linear and canary deployments for Amazon ECS
AWS CodeDeploy has extended blue/green deployment support for Elastic Container Service (Amazon ECS) to include canary and linear deployments for applications hosted on AWS Fargate or Amazon Compute Cloud (Amazon EC2). Blue/green deployments are a safe deployment strategy provided by AWS CodeDeploy for minimizing interruptions caused by changing application versions. This is accomplished by creating […]
Read MoreHow to use Multiple load balancer Target Group Support for Amazon ECS to access internal and external service endpoint using the same DNS name
Customers running container-based applications on Amazon ECS using Amazon EC2 (commonly referred to as EC2) or AWS Fargate, frequently need to expose the application to both external clients and internal clients within the Amazon VPC (commonly referred to as VPC). In this blog post, we will look at a solution to optimize cost and reduce […]
Read MoreScanning images with Trivy in an AWS CodePipeline
This post was contributed by AWS Container Hero, Liz Rice, VP Open Source Engineering at Aqua Security. If you’re working with containers, it’s important to scan your images for known vulnerabilities, so that you don’t deploy code that an attacker can easily exploit. A good way of ensuring that all your deployed images get this […]
Read MoreUnder the hood: FireLens for Amazon ECS Tasks
Recently, Amazon ECS announced support for custom log routing via FireLens. FireLens makes it easy to use the popular open source logging projects Fluentd and Fluent Bit; enabling you to send logs to a wide array of AWS Services and partner destinations. In this post, I detail how and why we built FireLens. I also […]
Read More