Category: Intermediate (200)

Today, we’re announcing customer-routed control plane egress, a new capability that you can use to route Kubernetes control plane traffic through your own Amazon Virtual Private Cloud (Amazon VPC). This includes admission webhook callbacks, OpenID Connect (OIDC) provider lookups, and aggregate API server requests. With this feature, you can apply the same VPC routing, security group, endpoint policy, and AWS Network Firewall controls that you use for your data plane to the Kubernetes API Server’s customer-controllable outbound traffic on Amazon Elastic Kubernetes Service (Amazon EKS) clusters.

Financial analytics at enterprise scale is unforgiving. Queries must return in seconds, not minutes. Thousands of finance professionals need concurrent access during monthly close cycles. And when data volumes grow from hundreds of gigabytes to terabytes, spanning billions of records, the infrastructure underneath must scale without forcing engineers to choose between performance and cost. This […]

This post covers how EKS Auto Mode handles VPC CNI optimization, pod density scaling, network security implementation, and hybrid connectivity.

In this post, we focus on observing and scaling ML operations (MLOps) infrastructure on Kubernetes. MLOps platforms running on Amazon EKS provide powerful built-in capabilities for logging, monitoring, and alerting that are essential for maintaining healthy ML systems at scale.

This post explores using the Amazon CloudWatch monitoring, including new Amazon EKS metrics and the CloudWatch Observability Operator, to gain deeper visibility into cluster operations, detect issues, understand bottlenecks, and maintain healthy EKS clusters.

In this deep dive, we explore advanced scenarios with Argo CD including hub-and-spoke multi-cluster deployments, native AWS service integrations, multi-tenancy implementation, scaling with advanced Argo CD configurations and integration with CI/CD pipeline.

Today, we’re excited to announce that Amazon ECR Public now offers Chainguard Wolfi Images—security-hardened, minimalist base container images that dramatically reduce vulnerabilities in your containerized applications.

In this blog post, we’ll walk through how to build an automated thread dump analysis pipeline that uses Prometheus for monitoring, Grafana for alerting, AWS Lambda for orchestration, and Amazon Bedrock for AI‑powered analysis. The solution works on both Amazon Elastic Container Services (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS), helping teams go from raw thread dumps to actionable insights within seconds of detecting an issue.

In this post, we demonstrate how to generate comprehensive reports for Amazon ECR repositories that include cost breakdowns, usage metrics, security scan results, and compliance status across all repositories. The solution provides two types of reports: a Repository Summary report containing attributes for tracking and optimizing cost, usage, and OS vulnerabilities, and an Image-Level report for detailed analysis of specific repository images.

Today, we are happy to announce new functionality in Amazon Elastic Container Services (Amazon ECS) that allows you to delete task definition revisions. Until now, you were only able to deregister a task definition revision and it would no longer display in your ListTaskDefinition API calls or in your Amazon ECS console, unless you specifically […]