Containers

Tag: encryption

mTLS in App Mesh

Using mTLS with SPIFFE/SPIRE in AWS App Mesh on Amazon EKS

By Efe Selcuk and Apurup Chevuru and Michael Hausenblas You know that here at AWS we consider security as “job zero”, and in the context of the shared responsibility model we provide you with controls to take care of your part. One popular use case of service meshes is to strengthen the security posture of […]

Read More

Introducing Amazon ECR server-side encryption using AWS Key Management System

Today, we introduced Amazon Elastic Container Registry (Amazon ECR) server-side encryption at rest using AWS managed and customer managed master keys stored in AWS Key Management System (AWS KMS). This feature allows you to select the appropriate key management configuration to meet your security and compliance requirements, and meet the level of control required for […]

Read More

Introducing server-side encryption of ephemeral storage using AWS Fargate-managed keys in AWS Fargate platform version 1.4

This post was contributed by Yuling Zhou, Eduardo Lopez Biagi, and Paavan Mistry. Today, we introduced server-side encryption of ephemeral storage in AWS Fargate platform version 1.4. The ephemeral task storage is automatically encrypted with industry-standard AES-256 encryption algorithm using AWS Fargate-managed keys for the updated platform version. This feature requires no additional configuration from […]

Read More

Enable traffic encryption between services in AWS App Mesh using AWS Certificate Manager or customer-provided certificates

Today, we announce the general availability of an AWS App Mesh feature that enables traffic encryption between services using AWS Certificate Manager (ACM) or customer-provided certificates. We sought feedback from our customers last year through the AWS App Mesh roadmap issues #38 and #39 and the features were made available on the AWS App Mesh […]

Read More

Using EKS encryption provider support for defense-in-depth

Gyuho Lee, Rashmi Dwaraka, and Michael Hausenblas When we announced that we plan to natively support the AWS Encryption Provider in Amazon EKS, the feedback we got from you was pretty clear: can we have it yesterday? Now we’re launching EKS support for the encryption provider, a vital defense-in-depth security feature. That is, you can […]

Read More