Containers

Category: Best Practices

Building Amazon Linux 2 CIS Benchmark AMIs for Amazon EKS

Building Amazon Linux 2 CIS Benchmark AMIs for Amazon EKS

Introduction The Center for Internet Security (CIS) Benchmarks are best practices for the secure configuration of a target system. They define various Benchmarks for Kubernetes control plane and the data plane. For Amazon EKS clusters, it is strongly recommended to follow the CIS Amazon EKS Benchmark. If the data plane of an Amazon EKS cluster uses Amazon Linux […]

Amazon ECR in Multi-Account and Multi-Region Architectures

Amazon ECR in Multi-Account and Multi-Region Architectures

Introduction Amazon Elastic Container Registry (Amazon ECR) is a fully managed container registry offering high-performance hosting, so you can reliably deploy application images and artifacts anywhere. It stores container images and artifacts that deploy application workloads across AWS services as well as non-AWS environments. Amazon ECR is a regional service, where each Region in each […]

Understanding and Cost Optimizing Amazon EKS Control Plane Logs

Amazon Elastic Kubernetes Service (Amazon EKS) is a managed container service that provides a highly available single-tenant control plane to run and scale Kubernetes applications in the cloud or on-premises. Logs are an important way to debug problems, audit cluster activities, and monitor the health of your application. Kubernetes logging can be divided into control […]

Read our blog post about stretching your on-premises environment to AWS using Amazon ECS Anywhere.

Stretching your on-premises environment to AWS using Amazon ECS Anywhere

Amazon Elastic Container Service (Amazon ECS) allows customers to run container workloads in AWS on AWS-managed infrastructure as well as on customer-managed infrastructure using Amazon ECS Anywhere. Whether on premises or in the cloud, customers have a consistent cluster management, workload scheduling, and monitoring experience with Amazon ECS. Amazon ECS Anywhere lets you have a […]

title: Understanding data transfer costs for AWS container services

Understanding data transfer costs for AWS container services

Overview Data transfer costs can play a significant role in determining the overall design of a system. The Amazon Elastic Container Registry (Amazon ECR), Amazon Elastic Container Service (Amazon ECS), and Amazon Elastic Kubernetes Service (Amazon EKS) can all incur data transfer charges depending on a variety of factors. It can be difficult to visualize what […]

Title: A quick path to EKS SSO using AWS SSO

A quick path to Amazon EKS single sign-on using AWS SSO

With the rapid growth of software as a service (SaaS) and cloud adoption, identity is the new security perimeter. AWS Identity and Access Management (IAM) and Kubernetes role-based access control (RBAC) provide the tools to build a strong least-privilege security posture. Single sign-on (SSO) uses federation with a central identity provider (IdP) to improve security by allowing […]

Title image: Using AWS Proton as a provisioning mechanism for Amazon EKS clusters

Using AWS Proton as a provisioning mechanism for Amazon EKS clusters

AWS customers have a number of options they can use to deploy Amazon Elastic Kubernetes Service (Amazon EKS) clusters. They can use the EKS console workflows, the eksctl CLI, the AWS Cloud Development Kit (AWS CDK), or several other options. There is often a single Ops-savvy user (or team) picking one of these options to […]

Title image:

How to use components to augment the infrastructure in an AWS Proton template

Introduction AWS Proton is a managed service that helps platform engineers scale their impact by defining, vending, and maintaining infrastructure templates for self-service deployments. With Proton, customers can standardize centralized templates to meet security, cost, and compliance goals. Proton helps platform engineers scale up their impact with a self-service model, resulting in higher velocity for […]

ECS auto scaling using custom metrics

Amazon Elastic Container Service (ECS) Auto Scaling using custom metrics

Introduction Amazon ECS eliminates the need to install, operate, and scale your own cluster management infrastructure. Customers are using horizontal scalability to deploy and scale their microservices applications running on Amazon ECS. They use the Application Auto Scaling service to automatically scale based on metrics data. Amazon ECS typically measures service utilization based on average […]