Blog Posts

Amazon Elastic Container Service (Amazon ECS) makes it easy to run and scale containerized workloads on AWS. The Amazon ECS task placement engine determines where tasks (logical groups of running containers) run. This lets you configure your containerized workloads for high-availability, resource optimization, or a combination of both. Learn more in the video below:

Want to learn about Amazon ECS and Amazon Elastic Container Registry (Amazon ECR) and how they can help you to deploy, manage, and scale industry-standard containerized applications on AWS? Checkout this Getting Started with Amazon ECS and Core Concepts video below:

I would like to share an interesting problem that came from some of our customers. This was an issue that they encountered with some of the EC2 instances in their ECS cluster. This blog post will suggest two solutions to solving this issue.

I’m sure you can relate to this story:

Step 1: You build the perfect application,

…

Step 3: you never think about it again.

In the end, your team hands you a trophy and you get a massive raise for your efforts as well as the love/adoration of junior, senior, and executive colleagues. Happens every day.

Imagine you sit down with your boss and they ask you “What do you think about Amazon Elastic Container Service (Amazon ECS) and security?” It’s a big topic, but worth exploring. In this blog post, you’ll learn about aspects of Amazon ECS that support better security practices and give you a few talking points when your boss asks you a similar question.

With this release, Amazon ECS integrates with AWS Private CA and automates the process of issuing, distributing, and rotating certificates, making it simple for customers to secure traffic between services without adding extra operational workload. Now Amazon ECS Service Connect customers can encrypt service-to-service communication using TLS without modifying their application code, as well as without requiring any extra network infrastructure or operating service mesh solutions. You can enable traffic encryption when at a per-Service Connect enabled service level within an existing namespace. First, you choose an existing or create a new AWS Private Certificate Authority, and then select it in the AWS Console, or provide its Amazon Resource Name (ARN) via CLI, to be used with your Amazon ECS Service Connect namespace. This CA is used for signing your certificates and will also be used as the root of trust. By default, Amazon ECS uses AWS managed symmetric encryption key to store the private key into customer’s secret manager. Optionally, you can provide your own symmetric keys for compliance reasons.