Containers
Category: Security, Identity, & Compliance
Automating image compliance for Amazon ECS and Amazon EKS using Amazon Elastic Container Registry (ECR) and AWS Security Hub
Introduction As containers move to cloud native production environments, DevOps and security teams increasingly look to deploy DevSecOps pipelines that provide automated real-time visibility into container activity, restrict container access to host and network resources and detect and prevent exploits and attacks on running containers. In this blog post, we implement a solution that demonstrates […]
Authenticating with Docker Hub for AWS Container Services
Docker Hub has recently updated its terms of service to introduce rate limits for container image pulls. While these limits don’t apply to accounts under a Pro or Team plan, anonymous users are limited to 100 pulls per 6 hours per IP address, and authenticated free accounts are limited to 200 pulls per 6 hours. […]
Results of the 2020 AWS Container Security Survey
In 2019 we carried out the first AWS Container Security Survey and now we have the results of this year’s survey for you available. As in 2019, we conducted an anonymous survey throughout 2020 amongst container users on AWS. From the 655 people who visited the survey, 295 started it and 156 completed it (completion […]
Enable traffic encryption between services in AWS App Mesh using AWS Certificate Manager or customer-provided certificates
NOTICE: October 04, 2024 – This post no longer reflects the best guidance for configuring a service mesh with Amazon ECS and Amazon EKS, and its examples no longer work as shown. For workloads running on Amazon ECS, please refer to newer content on Amazon ECS Service Connect, and for workloads running on Amazon EKS, […]
Using EKS encryption provider support for defense-in-depth
Gyuho Lee, Rashmi Dwaraka, and Michael Hausenblas When we announced that we plan to natively support the AWS Encryption Provider in Amazon EKS, the feedback we got from you was pretty clear: can we have it yesterday? Now we’re launching EKS support for the encryption provider, a vital defense-in-depth security feature. That is, you can […]
Results of the 2019 AWS Container Security Survey
Security is a top priority in AWS, and in our service team we naturally focus on container security. In order to better assess where we stand, we conducted an anonymous survey in late 2019 amongst container users on AWS. Overall, we got 68 responses from a variety of roles, from ops folks and SREs to […]