Containers

Category: *Post Types

Implementing Pod Security Standards in Amazon EKS

Introduction: Securely adopting Kubernetes includes preventing unwanted changes to clusters. Unwanted changes can disrupt cluster operations and even compromise cluster integrity. Introducing pods that lack correct security configurations is an example of an unwanted cluster change. To control pod security, Kubernetes provided Pod Security Policy (PSP) resources. PSPs specify a set of security settings that […]

Announcing general availability of cdk8s+ and support for manifest validation

This post was co-written by Shimon Tolts, CEO and Co-Founder, Datree. Introduction: In July of 2020, we introduced the beta version of cdk8s+, a high-level, intent-driven application programming interface (API) designed to simplify Kubernetes resource configuration. Since its release, we’ve been working on adding capabilities and collecting feedback from our customers. Today, we’re happy […]

Introducing the Container Build Lens for the AWS Well-Architected Framework

Today we are delighted to introduce the Container Build Lens, an Amazon Web Services (AWS) Well-Architected whitepaper. Using the AWS Well-Architected Framework—which provides architectural best practices for designing and operating workloads on AWS—the Container Build Lens outlines the steps for performing an AWS Well-Architected review that empowers customers to assess and identify technical risks of […]

Secure Bottlerocket deployments on Amazon EKS with KubeArmor

Introduction: Bottlerocket is a security-focused operating system (OS) image that provides out-of-the-box security options to protect host or worker nodes. While Bottlerocket is useful, the security of the pods and the containers is still the responsibility of the application developer or provider. KubeArmor, a CNCF (Cloud Native Computing Foundation) sandbox project, is a runtime […]

Amazon ECR in Multi-Account and Multi-Region Architectures

Introduction: Amazon Elastic Container Registry (Amazon ECR) is a fully managed container registry offering high-performance hosting, so you can reliably deploy application images and artifacts anywhere. It stores container images and artifacts that deploy application workloads across AWS services as well as non-AWS environments. Amazon ECR is a regional service, where each Region in each […]

Amazon EKS add-ons preserve customer edits

Introduction: As part of AWS re:Invent 2020, the Amazon Elastic Kubernetes Service (Amazon EKS) Team announced the release of Amazon EKS add-ons. The addition of add-ons was driven by customer feedback and a desire to simplify the management of commonly used operational software. With add-ons, you can configure, deploy, and update operational software, which provides […]

Reducing AWS Fargate Startup Times with zstd Compressed Container Images

Updated Oct. 19, 2022: Amazon ECR’s Enhanced Scanning, powered by AWS Inspector, now supports scanning zstd compressed container images. AWS Fargate is a serverless compute engine for containerized workloads running on Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS). Once a containerized workload has been scheduled by a container orchestrator, […]

How GPO achieved infrastructure provisioning efficiency from weeks to minutes using AWS Proton

This post was co-written by Joshua Major, VP of Engineering, GPO, and Jesse Varnado, Director of Engineering, GPO. Introduction: AWS Proton is a managed service for platform engineers to increase the pace of innovation by defining, vending, and maintaining infrastructure templates for self-service deployments. With AWS Proton, customers can standardize centralized templates to meet security, […]

Getting visibility into your Amazon EKS Cross-AZ pod to pod network bytes

Introduction: Many customers use Amazon Elastic Kubernetes Service (Amazon EKS) to host their mission-critical applications. As a best practice, we ask our customers to spread their applications across multiple distinct availability zones (AZ), because “everything fails all the time” (Werner Vogels, CTO, Amazon). To achieve high availability, customers deploy Amazon EKS worker nodes (Amazon EC2 […]

AWS at KubeCon + CloudNativeCon North America 2022

Click here for the full schedule of AWS events at KubeCon + CloudNativeCon North America 2022. Amazon Web Services (AWS) is headed to Detroit, Michigan for KubeCon + CloudNativeCon North America 2022. We are thrilled to connect with the Open Source community in person to share what we’ve been working on, and learn about how […]