Containers

title: Understanding data transfer costs for AWS container services

Understanding data transfer costs for AWS container services

Overview Data transfer costs can play a significant role in determining the overall design of a system. Amazon Elastic Container Registry (Amazon ECR), Amazon Elastic Container Service (Amazon ECS), and Amazon Elastic Kubernetes Service (Amazon EKS) can incur data transfer charges depending on a variety of factors. It can be difficult to visualize what that means […]

Read More

Cryptographic Signing for Containers

Introduction In May of 2021, the United States Executive Branch released an Executive Order on Improving the Nation’s Cybersecurity. One of the key focus areas for this order was enhancing software supply chain security, with requirements around addressing supply chain risks by, in part: Securing development environments with strong access controls Using automated code scanning […]

Read More
title image: Provisioning infrastructure using the AWS Proton open source Backstage plugin

Provisioning infrastructure using the AWS Proton open-source Backstage plugin

Introduction The concept of the Internal Developer Platform (IDP) is becoming increasingly popular as it’s an innovative way for organizations to boost development velocity and reduce time to market. The IDP provides a set of shared capabilities that provide a standardized way for development teams to deploy applications to production. It is common for these […]

Read More
title img: Troubleshooting Amazon EKS API Servers with Prometheus

Troubleshooting Amazon EKS API servers with Prometheus

It’s every on-call’s nightmare—awakened by a text at 3 a.m. from your alert system that says there’s a problem with the cluster. You need to quickly determine if the issue is with the Amazon EKS managed control plane or the new custom application you just rolled out last week. Even though you installed the default […]

Read More
title image: Announcing NVIDIA GPU support for Bottlerocket on Amazon ECS

Announcing NVIDIA GPU support for Bottlerocket on Amazon ECS

Last year, we announced the general availability of the Amazon Elastic Container Service (Amazon ECS)-optimized Bottlerocket AMI. Bottlerocket is an open source project that focuses on security and maintainability, providing a reliable and consistent Linux distribution for hosting container-based workloads. Now, we are happy to announce that you can now run ECS NVIDIA GPU-accelerated workloads […]

Read More
Read the blog post about Harden Amazon EKS in minutes with Styra DAS Free and OPA

Harden Amazon EKS in minutes with Styra DAS Free and OPA

In the Amazon EKS Best Practices Guide, AWS recommends Open Policy Agent (OPA) as a policy-as-code (PaC) solution for Kubernetes pod security. The long list of pros provided for PaC focuses mainly on the flexibility and comprehensive control that PaC provides when compared with built-in pod security admission. While PaC brings powerful flexibility, it can […]

Read More
Title: A quick path to EKS SSO using AWS SSO

A quick path to Amazon EKS single sign-on using AWS SSO

With the rapid growth of software as a service (SaaS) and cloud adoption, identity is the new security perimeter. AWS Identity and Access Management (IAM) and Kubernetes role-based access control (RBAC) provide the tools to build a strong least-privilege security posture. Single sign-on (SSO) uses federation with a central identity provider (IdP) to improve security by allowing […]

Read More
Title img: Actuate uses AWS Fargate for ML-based, real-time video monitoring and threat detection

Actuate uses AWS Fargate for ML-based, real-time video monitoring and threat detection

This post was written in collaboration with Scott Underwood, Jacob Weiss, Tatiana Hanazaki, and Mark Berbera from Actuate AI. The goal at Actuate AI is to leverage technology to make the world a safer place. Our team at Actuate AI aims to do that by using cutting-edge computer vision to reduce the response time of […]

Read More
Read the blog post on Amazon EKS and Spot Instances in action at Delivery Hero.

Amazon EKS and Spot Instances in action at Delivery Hero

This post was coauthored by Christos Skevis, Senior Engineering Manager, Delivery Hero; Giovanny Salazar, Senior Systems Engineer, Delivery Hero; Miguel Mingorance, Senior Systems Engineer at Delivery Hero at the time the blog post was written; Cristian Măgherușan-Stanciu, Senior Specialist Solutions Architect, Flexible Compute, AWS; and Sascha Möllering, Principal Specialist Solutions Architect, Containers, AWS. This post […]

Read More
Title image: Using AWS Proton as a provisioning mechanism for Amazon EKS clusters

Using AWS Proton as a provisioning mechanism for Amazon EKS clusters

AWS customers have a number of options they can use to deploy Amazon Elastic Kubernetes Service (Amazon EKS) clusters. They can use the EKS console workflows, the eksctl CLI, the AWS Cloud Development Kit (AWS CDK), or several other options. There is often a single Ops-savvy user (or team) picking one of these options to […]

Read More