AWS Open Source Blog
Category: Security, Identity, & Compliance
Open source builders: Lessons learned
Part 1—Open source builders: Getting started Part 2—Open source builders: Lessons learned This two-part article series is based on recent interviews with Alex Casalboni, Senior Technical Advocate at AWS, about his project AWS Lambda Power Tuning; Olaf Conijn, Principal Architect at Moneyou, about his project that is helping users more effectively build infrastructure; and Liz […]
Open source builders: Getting started
Part 1—Open source builders: Getting started Part 2—Open source builders: Lessons learned Inspired by Matt Asay’s recent Open Source Builders series on The New Stack, I sat down and talked with three open source developers, project maintainers, and community contributors. I wanted to know why they joined or created their first open source projects, what […]
How to deploy a live events solution built with the Amazon Chime SDK
In this tutorial, I will explain how to deploy an interactive live events solution with which speakers can present to a large pre-selected audience, and moderators can screen attendees to participate in the broadcast. This interactive live events solution, built with the Amazon Chime SDK, addresses many of the shortcomings of traditional online meeting platforms […]
How a startup wants to help secure the open source ecosystem with huntr, a bug bounty board
This article is a guest post from 418sec co-founders Adam Nygate, Jake Mimoni, and Jamie Slome. Dependency on open source code has grown over the years, and as new open source technologies are introduced, so are more vulnerabilities. Review by “many eyes” helps secure open source software, and depends on exposing the code to as […]
Launching Open Distro for Elasticsearch security features on Amazon Elasticsearch Service
We are excited to announce that we are making new Open Distro for Elasticsearch security features available on Amazon Elasticsearch Service. Amazon Elasticsearch Service is frequently used for sensitive enterprise workloads, and today’s launch adds multiple capabilities to give you even tighter control over your data. New features include the ability to use roles to […]
re:Cap part three – open source at re:Invent 2019
Wrapping up our final summary, we kick off with a roundup of the open source updates in the area of compute and emerging technologies. We start with a great explanation of Fargate on Firecracker from Clare Ligouri during Werner Vogel’s keynote, and proceed to a broad selection of the container sessions and workshops that ran […]
Introducing fine-grained IAM roles for service accounts
Here at AWS we focus first and foremost on customer needs. In the context of access control in Amazon EKS, you asked in issue #23 of our public container roadmap for fine-grained IAM roles in EKS. To address this need, the community came up with a number of open source solutions, such as kube2iam, kiam, […]
Deploying the AWS IAM Authenticator to kops
This post is an updated version of Deploying the Heptio Authenticator to kops. Heptio Authenticator has since been donated to the Cloud Provider Special Interest Group (SIG), allowing the project to be collaboratively worked on. Now, instead of needing to manually configure the Authenticator, you can use kops primitives to deploy automatically when a cluster […]
Announcing Cloud Custodian Integration with AWS Security Hub
中文版 One of the popular options for automated security, compliance, and cost management solutions in the cloud is Cloud Custodian, an open source project sponsored by Capital One. Cloud Custodian is a flexible rules engine with policies written in simple YAML configuration files, with support for over 144 AWS resource types. However, because Cloud Custodian […]
Securing Amazon EKS Using Lambda and Falco
中文版 Intrusion and abnormality detection are important tools for stronger run-time security in applications deployed in containers on Amazon EKS clusters. In this post, Michael Ducy of Sysdig explains how Falco, a CNCF Sandbox Project, generates an alert when an abnormal application behavior is detected. AWS Lambda functions can then be configured to pass those […]