Security should always be on your mind. Great session Josh!

Very helpful content and will recommend for #terraform #aws

#Terraform #security #issue that may cost many companies huge amount of money. Terraform using state which usually saves in #AWS #S3(or similar). That means, that data that u enter in TF resources will be store in plain text in this state, all your keys, passwords, etc. From my experience, many companies and #devops dont know about this problem. And what more interesting it exists already for 10 years without fix https://lnkd.in/gt3pB9hn

Red Canary wrote a great article on how adversaries can steal AWS Single Sign-On (SSO) access tokens from local machines and how to detect it! 🔗

LocalStack is a tiny AWS you can carry with you in your laptop. It is tiny, local, yet extremely useful platform to locally test deployment scripts or to learn AWS concepts. Installation is just few steps, and you are ready to go !! Try it today - https://lnkd.in/gMgZw3fu For DevSecOps experts - the localstack integrates well into CI pipelines https://lnkd.in/gbF6C65p LocalStack #security #cloudsecurity #aws

Thinking about or currently using EKS on Amazon Web Services (AWS)? Join our live Q&A on July 10th to learn about: ➡ Configuring and optimising EKS clusters for performance and cost ➡ Strategies for securing #Kubernetes environments (RBAC, network policies, encryption) ➡ Techniques for monitoring, logging, and troubleshooting #K8s workloads on AWS If you have questions about your company's EKS implementation (or future migration plans) why not ask our experts? Christopher McGrath, Chimbu Chinnadurai, Lukas Stiebellehner, & Miguel de Lucas Manzano Link in comments 🔗

In case you missed it https://lnkd.in/e_MnaKyV actual working implementation of a Vault cluster in terraform running on AWS. Oh, also added in auto backup of raft storage which was also enterprise only .. oops..

Check out our latest blog post on "How to issue use-case bound certificates with AWS Private CA"! Learn how to define Key and Extended Key Usage values with the IssueCertificate API operation and implement the security benefits of accountability and least privilege. Enhance security and fulfill specific use cases with tailored X.509 certificates. Read the full article here: https://ift.tt/07z4bhM

Secrets are never managed in Kubernetes Secrets. In production setups, Particularly in enterprise environments, secrets are usually stored and managed using external secret management tools to comply with organizational security policies. For example: - HashiCorp Vault - AWS Secrets Manager - Google Cloud Secret Manager These tools provide features like automatic password rotation, data encryption etc. Applications might need certain secrets, such as API keys or database passwords. When deploying applications on Kubernetes, you need a secure mechanism to fetch these secrets from external services so the application can use them. This is where Kubernetes External Secrets Operator come into play. We have a hands-on guide on the External Secrets Operator with EKS. It covers detailed steps on how to access secrets stored in AWS Secrets Manager using the External Secrets Operator and EKS Pod Identity. 𝗗𝗲𝘁𝗮𝗶𝗹𝗲𝗱 𝗕𝗹𝗼𝗴: https://lnkd.in/eUFiPXtm In AWS, you can manage secrets using CSI driver implementations. We will cover this in a separate blog and explore how it differs from the External Secrets Operator. ---- 𝗡𝗼𝘁𝗲: In my CKA course, I cover the Kubernetes Secrets concept in detail with illustrations. 𝗖𝗼𝘂𝗿𝘀𝗲: https://lnkd.in/gA3taYbt #kubernetes

Excited to share the latest installment of our K8s Series: Part 5: Best Practices for Kubernetes Security: Strengthening Security on AWS EKS!☸ In this blog, we dive into essential strategies to enhance security within our Kubernetes environments, especially when utilizing AWS EKS. From implementing role-based access controls to securing our network policies, these best practices are crucial for safeguarding our applications and data. Check it out and let’s elevate our Kubernetes security together! 🔒 Link- https://lnkd.in/gr2BA7Sx Author : Nirav Raychura Kubernetes Amazon Web Services (AWS) #Kubernetes #EKS #CloudSecurity #BestPractices #DevOps #AWS #K8sSeries