Containers
Migrate Amazon EC2 to EKS Auto Mode using Kiro CLI and MCP servers
In this post, you walk through a practical migration scenario where a Node.js web application running on EC2 instances is migrated into a highly scalable, containerized service on EKS Auto Mode. You will learn how to configure and use the AWS and Amazon EKS MCP Servers with Kiro CLI to automate critical migration tasks from Dockerfile creation and image optimization to Kubernetes manifest generation and production deployment on EKS Auto Mode.
Full request and response compliance logging on Amazon EKS
In this post, we demonstrate how to use Envoy’s External Processing filter (ext_proc) to solve this challenge on Amazon EKS. This solution captures complete request and response data without modifying application code, providing the compliance-grade audit trails that regulators require.
Diagnose Kubernetes Control Plane Performance Issues with AWS DevOps Agent
This post demonstrates how AWS DevOps Agent diagnoses Amazon Elastic Kubernetes Service (Amazon EKS) API server performance degradation, specifically 429 throttling and API Priority and Fairness (APF) seat exhaustion.
Announcing Amazon EKS Rollback for safe and reliable management of cluster upgrades
Today, we’re announcing Amazon EKS Version Rollback, a new capability that allows cluster administrators to safely roll back Kubernetes version upgrades on Amazon Elastic Kubernetes Service (Amazon EKS) clusters. With this feature, you can now confidently roll out new version upgrades across your EKS fleet with an additional safety net.
Faster nodes, smarter scaling: What’s new inside Amazon Elastic Kubernetes Service (Amazon EKS) Auto Mode
In this post, we walk through the performance and scalability improvements we shipped across the four pillars of EKS Auto Mode: runtime, compute, storage, and networking.
Amazon EKS now supports control plane egress through your VPC
Today, we’re announcing customer-routed control plane egress, a new capability that you can use to route Kubernetes control plane traffic through your own Amazon Virtual Private Cloud (Amazon VPC). This includes admission webhook callbacks, OpenID Connect (OIDC) provider lookups, and aggregate API server requests. With this feature, you can apply the same VPC routing, security group, endpoint policy, and AWS Network Firewall controls that you use for your data plane to the Kubernetes API Server’s customer-controllable outbound traffic on Amazon Elastic Kubernetes Service (Amazon EKS) clusters.
Better Together: Amazon EKS Auto Mode and Istio Ambient Mesh
In this post, you will learn how Amazon EKS Auto Mode and Istio Ambient Mesh work together to automate infrastructure management while providing automatic mTLS-based service-to-service security, helping reduce operational overhead and designed to help strengthen your security posture.
Scaling StarRocks on Amazon EKS with KEDA and Karpenter for enterprise OLAP workloads
Financial analytics at enterprise scale is unforgiving. Queries must return in seconds, not minutes. Thousands of finance professionals need concurrent access during monthly close cycles. And when data volumes grow from hundreds of gigabytes to terabytes, spanning billions of records, the infrastructure underneath must scale without forcing engineers to choose between performance and cost. This […]
AI-powered event-driven Amazon EKS AMI updates with GitOps
This post demonstrates an automated solution that combines AI-powered risk analysis with GitOps principles to streamline Amazon EKS AMI updates while maintaining appropriate human oversight through familiar GitHub workflows.
Bitnami image removal from ECR Public
Starting on June 10th, 2026, Bitnami container images will no longer be available on Amazon ECR Public Gallery. If you currently pull Bitnami images directly from ECR Public in your workloads, you need to take action before this date to avoid service disruption. In this post, we walk you through how to determine if you’re affected, how to mirror the images you need to your own private registry, and best practices for protecting your workloads from future upstream changes.









