The article explores security vulnerabilities in AWS EKS by deploying misconfigured Kubernetes pods. It demonstrates how an attacker can escape from a compromised pod to gain root access on the host and potentially access other services. The focus is on the implications of specific dangerous configurations and their exploitation.

AWS Backup can now back up Amazon EKS clusters and their data. This service offers automated scheduling, retention management, and the ability to restore entire clusters or specific elements. It simplifies backup processes by eliminating the need for custom scripts or third-party tools.

Amazon EKS and ECS have introduced fully managed Model Context Protocol (MCP) servers in preview. These servers enhance AI applications with real-time insights about clusters, simplifying development and operations by eliminating local installation and maintenance. Developers can configure AI coding assistants, while operators gain access to a rich knowledge base for best practices and troubleshooting.

This article explains how to use the AWS Secrets Manager Agent as a sidecar container in Amazon EKS. It details the benefits of caching secrets locally to reduce API calls and enhance application security. The post also covers the deployment steps, prerequisites, and IAM role configuration required for setup.

This article outlines how to deploy GitLab Runners on Amazon EKS Auto Mode to enhance containerized CI/CD processes. It highlights the use of EC2 Spot Instances for cost savings and provides a step-by-step guide for setting up the environment.

Amazon EKS and EKS Distro now support Kubernetes version 1.35, which includes features like In-Place Pod Resource Updates and PreferSameNode Traffic Distribution. Users can create new clusters or upgrade existing ones to this version through various tools. The update is available in all AWS regions, including GovCloud.

This article discusses how AWS and NVIDIA expanded GPU management capabilities to edge environments using Run:ai with Amazon EKS. It outlines the challenges organizations face when deploying AI workloads at the edge and details new features that support GPU fractionalization and orchestration across various infrastructures.

Amazon EKS Pod Identity now offers streamlined cross-account access for Kubernetes applications, allowing pods to access AWS resources in different accounts without complex configurations. The feature simplifies the process by enabling users to specify both source and target IAM roles during Pod Identity association creation, leveraging IAM role chaining for seamless access to resources like S3 and DynamoDB.

Implementing Karpenter on Amazon EKS requires setting up an AWS EKS cluster, creating IAM roles for both the control plane and worker nodes, and deploying Karpenter using Terraform. The article provides a detailed, step-by-step guide for these processes, including the necessary configurations and commands to run.

A DevOps engineer shares insights on reducing AWS compute costs by 70% through the implementation of a multi-architecture EKS cluster combined with Karpenter. The article details the strategies and tools used to optimize cloud infrastructure and improve cost efficiency.

Amazon EKS and Amazon EKS Distro now support Kubernetes version 1.34, featuring new security enhancements, improved resource management, and prioritized device requirements for better workload scheduling. Users can create new clusters or upgrade existing ones to this version through various interfaces. The update is available in all AWS Regions, including GovCloud.

Migrating Amazon EKS from version 1.29 to 1.32 involved careful planning and execution, focusing on upgrading Terraform modules, transitioning to Amazon Linux 2023, and implementing a blue/green deployment strategy to minimize downtime. The process highlighted the importance of addressing breaking changes, updating add-ons, and validating instance types to ensure a smooth upgrade across four clusters. Overall, the upgrade was completed in two weeks with minimal disruptions and enhanced security and performance.