Amazon announced new capabilities for its Elastic Kubernetes Service (EKS) that simplify workload orchestration and cloud resource management. These features include Argo CD, AWS Controllers for Kubernetes, and Kube Resource Orchestrator, allowing users to manage Kubernetes applications more efficiently without handling underlying infrastructure complexities.

The article explores security vulnerabilities in AWS EKS by deploying misconfigured Kubernetes pods. It demonstrates how an attacker can escape from a compromised pod to gain root access on the host and potentially access other services. The focus is on the implications of specific dangerous configurations and their exploitation.

This article introduces Container Network Observability for Amazon EKS, a feature that enhances visibility into network performance and traffic patterns within Kubernetes clusters. It details key functionalities like performance metrics, service maps, and flow tables to help teams troubleshoot and optimize their containerized applications.

Amazon EKS now offers a Provisioned Control Plane that allows users to pre-allocate control plane capacity for predictable and high performance during demanding workloads. This feature provides multiple scaling tiers to ensure responsiveness during peak traffic without needing to scale dynamically. Users can monitor and adjust their control plane tier as workload requirements change.

This article explains how to use the AWS Secrets Manager Agent as a sidecar container in Amazon EKS. It details the benefits of caching secrets locally to reduce API calls and enhance application security. The post also covers the deployment steps, prerequisites, and IAM role configuration required for setup.

Amazon EKS and EKS Distro now support Kubernetes version 1.35, which includes features like In-Place Pod Resource Updates and PreferSameNode Traffic Distribution. Users can create new clusters or upgrade existing ones to this version through various tools. The update is available in all AWS regions, including GovCloud.

This article explains how to simplify the management of Amazon EKS clusters using Kube Resource Orchestrator (kro) and AWS Controllers for Kubernetes (ACK). It details the process of creating interconnected resources for Kubernetes clusters, addressing dependency management, and enabling GitOps workflows for better operational efficiency.

The article provides a step-by-step guide for testing configuration scanners on a deliberately insecure Kubernetes deployment using Terraform and Helm. It outlines the setup of an EKS cluster with insecure application pods, detailing the commands needed for deployment, testing, and cleanup, while highlighting the various security vulnerabilities present in the deployed applications.

The article compares the security features of AWS Elastic Kubernetes Service (EKS) and Google Kubernetes Engine (GKE), focusing on key areas such as identity and access management, network traffic control, configuration management, vulnerability management, and runtime threat detection. It highlights the differences in default settings and capabilities of both managed services, emphasizing aspects like IAM integration, firewall options, and runtime security tools.

Amazon EKS Auto Mode enhances Kubernetes cluster management on AWS by automating infrastructure tasks like compute management, networking, and security. Recent updates include improved performance, advanced networking capabilities, and enhanced security measures, allowing teams to focus on application development while reducing operational complexity. These features cater to diverse customer needs, particularly for AI/ML workloads and enterprise environments.

Amazon Web Services has launched AI on EKS, an open source initiative aimed at simplifying the deployment and scaling of AI/ML workloads on Amazon Elastic Kubernetes Service. This project provides deployment-ready blueprints, Terraform templates, and best practices to optimize infrastructure for large language models and other AI tasks, while separating it from the previously established Data on EKS initiative to enhance focus and maintainability.

Amazon EKS and Amazon EKS Distro now support Kubernetes version 1.34, featuring new security enhancements, improved resource management, and prioritized device requirements for better workload scheduling. Users can create new clusters or upgrade existing ones to this version through various interfaces. The update is available in all AWS Regions, including GovCloud.

Amazon EKS has launched a community add-ons catalog to simplify the management of Kubernetes add-ons by integrating popular community tools into the Amazon EKS ecosystem. This catalog allows users to install and manage add-ons directly through familiar AWS interfaces, enhancing operational efficiency and reducing misconfiguration risks. Key add-ons include metrics-server, kube-state-metrics, and cert-manager, which are essential for monitoring, security, and network management in Kubernetes clusters.

Migrating Amazon EKS from version 1.29 to 1.32 involved careful planning and execution, focusing on upgrading Terraform modules, transitioning to Amazon Linux 2023, and implementing a blue/green deployment strategy to minimize downtime. The process highlighted the importance of addressing breaking changes, updating add-ons, and validating instance types to ensure a smooth upgrade across four clusters. Overall, the upgrade was completed in two weeks with minimal disruptions and enhanced security and performance.