Containers
Category: Security
Implementing usage and security reporting for Amazon ECR
In this post, we demonstrate how to generate comprehensive reports for Amazon ECR repositories that include cost breakdowns, usage metrics, security scan results, and compliance status across all repositories. The solution provides two types of reports: a Repository Summary report containing attributes for tracking and optimizing cost, usage, and OS vulnerabilities, and an Image-Level report for detailed analysis of specific repository images.
Announcing additional Linux controls for Amazon ECS tasks on AWS Fargate
An Amazon Elastic Container Service (Amazon ECS) task is a number of co-located containers that are scheduled onto AWS Fargate or an Amazon EC2 container instance. Containers use Linux namespaces to provide workload isolation, and with namespaces, even though containers are scheduled together in an Amazon ECS task, they’re still isolated from each other and […]
Building STIG-compliant AMIs for Amazon EKS
As more organizations that must run hardened virtual machines to increase security and meet internal compliance requirements adopt Kubernetes, there is a need for hardened Amazon Machine Images (AMIs) that work with Amazon Elastic Kubernetes Service (Amazon EKS). There are multiple options to choose from. One solution is to use Bottlerocket, a special-purpose OS from […]
Enable traffic encryption between services in AWS App Mesh using AWS Certificate Manager or customer-provided certificates
NOTICE: October 04, 2024 – This post no longer reflects the best guidance for configuring a service mesh with Amazon ECS and Amazon EKS, and its examples no longer work as shown. For workloads running on Amazon ECS, please refer to newer content on Amazon ECS Service Connect, and for workloads running on Amazon EKS, […]