Containers

This post details how platform engineering teams can build an assurance pipeline for Amazon EKS deployments, incorporating validation frameworks that verify configurations, test infrastructure as code (IaC), assess application resilience, and establish compliance with organizational standards.

Amazon Web Services (AWS) announced the availability of DNS-based and Admin network policies for Amazon Elastic Kubernetes Service (EKS) Auto mode and Admin network policies for both EKS Auto mode and EKS on Amazon Elastic Compute Cloud (EC2), providing enhanced capabilities to secure network traffic both within your clusters and to external endpoints. In this post, we explore practical use cases that demonstrate how these policies solve real-world challenges and remove the need to rely on third-party software across different deployment scenarios, from securing access to external services to hybrid cloud integration and multi-tenant environments.

This post explores using the Amazon CloudWatch monitoring, including new Amazon EKS metrics and the CloudWatch Observability Operator, to gain deeper visibility into cluster operations, detect issues, understand bottlenecks, and maintain healthy EKS clusters.

In this deep dive, we explore advanced scenarios with Argo CD including hub-and-spoke multi-cluster deployments, native AWS service integrations, multi-tenancy implementation, scaling with advanced Argo CD configurations and integration with CI/CD pipeline.

Today, we’re excited to announce that Amazon ECR Public now offers Chainguard Wolfi Images—security-hardened, minimalist base container images that dramatically reduce vulnerabilities in your containerized applications.

Today, we are excited to announce the expansion of native network policy support in Amazon EKS to include both Admin Policies and Application Network Policies. With these additional policies, Cluster Administrators (e.g. platform or security teams) can set cluster-wide security rules for their clusters to enhance the overall network security for their Kubernetes workloads. In […]

In this blog post, we’ll walk through how to build an automated thread dump analysis pipeline that uses Prometheus for monitoring, Grafana for alerting, AWS Lambda for orchestration, and Amazon Bedrock for AI‑powered analysis. The solution works on both Amazon Elastic Container Services (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS), helping teams go from raw thread dumps to actionable insights within seconds of detecting an issue.

Amazon EKS introduces Provisioned Control Plane, a new capability that allows you to pre-allocate control plane capacity for predictable, high-performance Kubernetes operations at scale. In this post, we explore how this enhanced option complements the Standard Control Plane by offering multiple scaling tiers (XL, 2XL, 4XL) with well-defined performance characteristics for API request concurrency, pod scheduling rates, and cluster database size—enabling you to handle demanding workloads like ultra-scale AI training, high-performance computing, and mission-critical applications with confidence.

Amazon EKS Blueprints for CDK now supports EKS Auto Mode, enabling developers to deploy fully managed Kubernetes clusters with minimal configuration while AWS automatically handles infrastructure provisioning, compute scaling, and core add-on management. In this post, we explore how this integration combines EKS Blueprints’ declarative infrastructure-as-code approach with EKS Auto Mode’s hands-off cluster operations, providing three practical deployment patterns—from basic clusters to specialized ARM-based and AI/ML workloads—that let teams focus on application development rather than infrastructure management .

In this post, we explore how to enhance and monitor network performance for ML inference workloads running on Amazon EKS using the newly launched Container Network Observability feature. We demonstrate practical use cases through a sample Stable Diffusion image generation workload, showing how platform teams can visualize service communication, analyze traffic patterns, investigate latency issues, and identify network bottlenecks—ultimately improving metrics like inference latency and time to first token.