Containers

Tag: Amazon EKS

Setting up end-to-end TLS encryption on Amazon EKS with the new AWS Load Balancer Controller

In this blog post, I’ll show you how to set up end-to-end encryption on Amazon Elastic Kubernetes Service(Amazon EKS). End-to end encryption in this case refers to traffic that originates from your client and terminates at an NGINX server running inside a sample app. I work with regulated customers who need to satisfy regulatory requirements […]

Read More

Advertising click-prediction modeling on Amazon EKS

In digital advertising, the ad click-through rate (CTR) model predicts the probability of a click given the ads and context x (for example, shopping query, time of the day, device). The output of a CTR model can be seen as a conditional probability p(y = click|x). A precise estimation of this probability influences our ability […]

Read More

Introducing OIDC identity provider authentication for Amazon EKS

Today, we introduced user authentication for Amazon EKS clusters from an OpenID Connect (OIDC) Identity Provider (IDP). This feature allows customers to integrate an OIDC identity provider with a new or existing Amazon EKS cluster running Kubernetes version 1.16 or later. The OIDC IDP can be used as an alternative to, or along with AWS […]

Read More

Authenticating with Docker Hub for AWS Container Services

Docker Hub has recently updated its terms of service to introduce rate limits for container image pulls. While these limits don’t apply to accounts under a Pro or Team plan, anonymous users are limited to 100 pulls per 6 hours per IP address, and authenticated free accounts are limited to 200 pulls per 6 hours. […]

Read More

Using EBS Snapshots for persistent storage with your EKS cluster

Originally, containers were a great fit for stateless applications. However, for many use cases there is a need for persistent storage, without which stateful workloads are not possible. Kubernetes first introduced support for stateful workloads with in-tree volume plugins, meaning that the plugin code was part of the core Kubernetes code and shipped with the […]

Read More

Easy as one-two-three policy management with Kyverno on Amazon EKS

This post is contributed by Raj Seshadri and Jimmy Ray As containers are used in cloud native production environments, DevOps and security teams need to gain real-time visibility into container activity, restrict container access to host and network resources, and detect and prevent exploits and attacks on running containers. Kyverno is a policy engine for […]

Read More
AWS Step Functions state machine

Introducing AWS Step Functions integration with Amazon EKS

This is my first post on AWS Container Blog since I joined AWS and I could not be more excited to talk about two technologies now working together: Serverless and Kubernetes, or more specifically AWS Step Functions and Amazon Elastic Kubernetes Service. In my previous role, I envisioned to build a web application that would […]

Read More

Implementing Runtime security in Amazon EKS using CNCF Falco

Many organisations are in the process of migrating their applications to containers. Containers provide application-level dependency management, speedy launches, and support immutability. This can help reduce costs, increase velocity, and improve on efficiency. For securely managing the container lifecycle, container image hardening, and end-to-end security checks are critical factors. Containers need to be secured by […]

Read More

Windows Authentication on Amazon EKS Windows pods

Per Microsoft documentation: Windows-based networks commonly use Active Directory (AD) to facilitate authentication and authorization between users, computers, and other network resources. Enterprise application developers often design their apps to be AD-integrated and run on domain-joined servers to take advantage of Integrated Windows Authentication, which makes it easy for users and other services to automatically […]

Read More