Containers

Tag: Kubernetes

Transparent encryption of node to node traffic on Amazon EKS using WireGuard and Cilium

Introduction As the move to cloud native architectures continues to accelerate, one of the common challenges we hear from our customers is that adopting security best practices in Kubernetes clusters can be challenging. One area in particular that has come up in conversations often is how best to encrypt data in transit. This data encryption […]

Microservices development using AWS controllers for Kubernetes (ACK) and Amazon EKS blueprints

Introduction Microservices architectures make applications easier to scale and faster to develop, which enables innovation and accelerates time-to-market for new features. For business applications with multiple clients (web, mobile, desktop, and smart devices), the application programming interface (API) Gateway microservices design pattern is helpful for adding centralized control and security. Containers and serverless are two […]

Exposing Kubernetes Applications, Part 3: Ingress-Nginx Controller

Introduction The Exposing Kubernetes Applications series focuses on ways to expose applications running in a Kubernetes cluster for external access. In Part 1, we explored Service and Ingress resource types that define two ways to control the inbound traffic in a Kubernetes cluster. We discussed handling of these resource types via Service and Ingress controllers, […]

Exposing Kubernetes Applications, Part 2: AWS Load Balancer Controller

Introduction The Exposing Kubernetes Applications series focuses on ways to expose applications running in a Kubernetes cluster for external access. In Part 1 of the series, we explored Service and Ingress resource types that define two ways to control the inbound traffic in a Kubernetes cluster. We discussed the handling of these resource types via […]

Exposing Kubernetes Applications, Part 1: Service and Ingress Resources

Introduction The Exposing Kubernetes Applications series focuses on ways to expose applications running in a Kubernetes cluster for external access. In this Part 1 of the series, we explore Service and Ingress resource types that define two ways to control the inbound traffic in a Kubernetes cluster. We discuss the handling of these resource types […]

Implementing Pod Security Standards in Amazon EKS

Introduction Securely adopting Kubernetes includes preventing unwanted changes to clusters. Unwanted changes can disrupt cluster operations and even compromise cluster integrity. Introducing pods that lack correct security configurations is an example of an unwanted cluster change. To control pod security, Kubernetes provided Pod Security Policy (PSP) resources. PSPs specify a set of security settings that […]

Secure Bottlerocket deployments on Amazon EKS with KubeArmor

Introduction Bottlerocket is a security-focused operating system (OS) image that provides out-of-the-box security options to protect host or worker nodes. While Bottlerocket is useful, the security of the pods and the containers is still the responsibility of the application developer or provider. KubeArmor, a CNCF (Cloud Native Computing Foundation) sandbox project, is a runtime […]

Managing Kubernetes control plane events in Amazon EKS

Introduction Amazon Elastic Kubernetes Service (Amazon EKS) helps customers move their container-based workloads to the AWS Cloud. Amazon EKS manages the Kubernetes control plane so customers don’t need to worry about scaling and maintaining Kubernetes components, such as etcd and application programming interface (API) servers. As a declarative and reconciling system, Kubernetes publishes various events […]