AWS Open Source Blog

Category: AWS Identity and Access Management (IAM)

Improving HA and long-term storage for Prometheus using Thanos on EKS with S3

Prometheus is an open source systems monitoring and alerting toolkit that is widely adopted as a standard monitoring tool with self-managed and provider-managed Kubernetes. Prometheus provides many useful features, such as dynamic service discovery, powerful queries, and seamless alert notification integration. Beyond certain scale, however, problems arise when basic Prometheus capabilities do not meet requirements […]

Read More

How to build a scalable BigBlueButton video conference solution on AWS

BigBlueButton is an open source video conference system that supports various audio and video formats and allows the use of integrated video-, screen- and document-sharing functions. BigBlueButton has features for multi-user whiteboards, breakout rooms, public and private chats, polling, moderation, emojis, and raise-hands. In this post, we will explain how AWS customers who are looking […]

Read More

Introducing fine-grained IAM roles for service accounts

Here at AWS we focus first and foremost on customer needs. In the context of access control in Amazon EKS, you asked in issue #23 of our public container roadmap for fine-grained IAM roles in EKS. To address this need, the community came up with a number of open source solutions, such as kube2iam, kiam, […]

Read More

Deploying the AWS IAM Authenticator to kops

This post is an updated version of Deploying the Heptio Authenticator to kops. Heptio Authenticator has since been donated to the Cloud Provider Special Interest Group (SIG), allowing the project to be collaboratively worked on. Now, instead of needing to manually configure the Authenticator, you can use kops primitives to deploy automatically when a cluster […]

Read More
Deploying the Heptio Authenticator to kops

Deploying the Heptio Authenticator to kops

This post has been updated – Deploying the AWS IAM Authenticator to kops 中文版   The Kubernetes 1.10 release has included alpha support for the client-go package to process external ExecCredential providers. This is being used to power the authentication against Amazon Elastic Container Service for Kubernetes (EKS) clusters while still following one of the […]

Read More