Containers
Category: Expert (400)
Introducing OIDC identity provider authentication for Amazon EKS
Today, we introduced user authentication for Amazon EKS clusters from an OpenID Connect (OIDC) Identity Provider (IDP). This feature allows customers to integrate an OIDC identity provider with a new or existing Amazon EKS cluster running Kubernetes version 1.16 or later. The OIDC IDP can be used as an alternative to, or along with AWS […]
Read MoreService connectivity inside and outside the mesh using AWS App Mesh (ECS/Fargate)
AWS Customer: We want to pursue service mesh and establish a separate application-networking layer for efficiently handling our microservices applications. However, we want to meshify only a subset of our microservices and gradually add other services to the mesh as we get comfortable with the configurations. What are the recommended approaches to handle service to […]
Read MoreEnable traffic encryption between services in AWS App Mesh using AWS Certificate Manager or customer-provided certificates
Today, we announce the general availability of an AWS App Mesh feature that enables traffic encryption between services using AWS Certificate Manager (ACM) or customer-provided certificates. We sought feedback from our customers last year through the AWS App Mesh roadmap issues #38 and #39 and the features were made available on the AWS App Mesh […]
Read MoreAWS CodeDeploy now supports linear and canary deployments for Amazon ECS
AWS CodeDeploy has extended blue/green deployment support for Elastic Container Service (Amazon ECS) to include canary and linear deployments for applications hosted on AWS Fargate or Amazon Compute Cloud (Amazon EC2). Blue/green deployments are a safe deployment strategy provided by AWS CodeDeploy for minimizing interruptions caused by changing application versions. This is accomplished by creating […]
Read MoreScanning images with Trivy in an AWS CodePipeline
This post was contributed by AWS Container Hero, Liz Rice, VP Open Source Engineering at Aqua Security. If you’re working with containers, it’s important to scan your images for known vulnerabilities, so that you don’t deploy code that an attacker can easily exploit. A good way of ensuring that all your deployed images get this […]
Read MoreCross Amazon EKS cluster App Mesh using AWS Cloud Map
Overview In this article, we are going to explore how to use AWS App Mesh across Amazon EKS (EKS) clusters. App Mesh is a service mesh that lets you control and monitor services spanning two clusters deployed in the same VPC. We’ll demonstrate this by using two EKS clusters within a VPC and an App […]
Read MoreHow to Run EKS Windows containers with group Managed Service Accounts (gMSA)
Windows-based networks commonly use Active Directory to facilitate authentication and authorization between users, computers, and other computer network resources. Traditionally, enterprise applications running on Windows platforms use either service accounts or Managed Service Accounts (MSA) for authentication and authorization. The use of service accounts brings with it the overhead of service account password management. In […]
Read MoreUsing Gloo as an Ingress Gateway for AWS App Mesh
As part of their organization’s digital transformation, more and more customers are electing to use a managed Kubernetes service, like Amazon EKS, as their container-orchestration system of choice to deploy, scale, and manage microservices. As the number of microservices grow within an application, it becomes difficult to pinpoint the exact location of errors, re-route traffic […]
Read More