Containers

Introduction We are excited to launch Amazon Elastic Container Service (Amazon ECS) Task Scale-in protection, which is a new capability that gives customers control over protecting Amazon ECS service tasks from being terminated by scale-in events from Amazon ECS service Auto Scaling or deployments. Customers can simply mark their mission-critical tasks as protected from scale-in […]

AWS App Runner is a fully managed service for running web applications and API servers. App Runner simplifies the experience to build and run secure web applications with little to no infrastructure in your account. You provide the source code or a container image, and App Runner builds and deploys your application containers for you, […]

Earlier this year we announced the general availability of App Runner VPC support. This feature enabled your services to communicate with databases and other applications hosted in an Amazon Virtual Private Cloud (Amazon VPC). Today, we released App Runner private services, and now customers can strengthen the security posture of their applications and meet their […]

Introduction Customers are moving to cloud thanks to its scalability and cost-effectiveness. Some are adopting Kubernetes to modernize their workloads for a more agile way to iterate and deliver time-to-market services or product features to their customers. As the number of clusters to be managed increases, customers struggle with different deployment mechanisms and application programming […]

Introduction Securely adopting Kubernetes includes preventing unwanted changes to clusters. Unwanted changes can disrupt cluster operations and even compromise cluster integrity. Introducing pods that lack correct security configurations is an example of an unwanted cluster change. To control pod security, Kubernetes provided Pod Security Policy (PSP) resources. PSPs specify a set of security settings that […]

This post was co-written by Shimon Tolts, CEO and Co-Founder, Datree. Introduction On July of 2020, we introduced the beta version of cdk8s+, a high-level intent driven application programming interface (API) designed to simplify Kubernetes resource configuration. Since its release, we’ve been working on adding capabilities and collecting feedback from our customers. Today, we’re happy […]

Today we are delighted to introduce the Container Build Lens, an Amazon Web Services (AWS) Well-Architected whitepaper. Using the AWS Well-Architected Framework—which provides architectural best practices for designing and operating workloads on AWS—the Container Build Lens outlines the steps for performing an AWS Well-Architected review that empowers customers to assess and identify technical risks of […]

Introduction Bottlerocket is a security focused operating system (OS) image that provides out-of-the-box security options to protect host or worker nodes. While Bottlerocket is useful, the security of the pods and the containers is still the responsibility of the application developer or provider. KubeArmor, a CNCF (Cloud Native Computing Foundation) sandbox project, is a runtime […]

Introduction Amazon Elastic Container Registry (Amazon ECR) is a fully managed container registry offering high-performance hosting, so you can reliably deploy application images and artifacts anywhere. It stores container images and artifacts that deploy application workloads across AWS services as well as non-AWS environments. Amazon ECR is a regional service, where each Region in each […]

Introduction As part of AWS re:Invent 2020, the Amazon Elastic Kubernetes Service (Amazon EKS) Team announced the release of Amazon EKS add-ons. The addition of add-ons was driven by customer feedback and a desire to simplify the management of commonly used operational software. With add-ons, you can configure, deploy, and update operational software, which provides […]