Tag: OPA

Read the blog post about Harden Amazon EKS in minutes with Styra DAS Free and OPA

Harden Amazon EKS in minutes with Styra DAS Free and OPA

In the Amazon EKS Best Practices Guide, AWS recommends Open Policy Agent (OPA) as a policy-as-code (PaC) solution for Kubernetes pod security. The long list of pros provided for PaC focuses mainly on the flexibility and comprehensive control that PaC provides when compared with built-in pod security admission. While PaC brings powerful flexibility, it can […]

How to automate Amazon EKS preventative controls in CI/CD using CDK and OPA/Conftest

Amazon Elastic Kubernetes Services (Amazon EKS) is a fully managed service that helps customers run their Kubernetes clusters at scale by minimizing the efforts required to operate a Kubernetes control plane. AWS customers are accelerating EKS adoption to run large-scale Kubernetes workloads. As a result, customers are facing challenges to enforce security policies at scale […]

Using Gatekeeper as a drop-in Pod Security Policy replacement in Amazon EKS

Jason Umiker If you are managing a Kubernetes cluster or you are a security professional responsible for one then you likely have heard that you should be implementing Kubernetes Pod Security Policies (PSPs) on the cluster in order to improve your security posture. Using PSPs can help to block pods from being disruptive to their […]

OCI Artifact Support In Amazon ECR

By Shubhra Deshpande and Michael Hausenblas In the container roadmap issue 308 you asked us about making Amazon Elastic Container Registry (ECR) understand artifact types beyond container images. We now launched support for Open Container Initiative (OCI) artifacts, such as Helm charts. In this post we give you some background on OCI artifacts and walk […]