Discover and read the best of Twitter Threads about #eks
Most recents (4)
Mounting a #Kubernetes service account to a pod with permissions to deploy other pods implies that if your app has RCE, a threat actor will be able to infect other Services in the cluster (yes, even if you use strict PSPs) #KubernetesSecurity #k8s #aks #gke #eks
#DevSecOps
🧵 👇
#DevSecOps
🧵 👇
Background:
▪︎ A Service in #k8s is an object that balances HTTP requests between pods belonging to that Service
▪︎ A Service identifies its pods through a set of labels (e.g. "fancy-app: prod", "db: users", etc)
▪︎ A Service in #k8s is an object that balances HTTP requests between pods belonging to that Service
▪︎ A Service identifies its pods through a set of labels (e.g. "fancy-app: prod", "db: users", etc)
▪︎ A pod with a label associated with a Service will become part of that Service automatically
Attack scenario:
1. A pod is mounting a service account with permissions to deploy other pods
2. A container in the pod is running a vulnerable app, providing RCE to an attacker
Attack scenario:
1. A pod is mounting a service account with permissions to deploy other pods
2. A container in the pod is running a vulnerable app, providing RCE to an attacker
New launch! Starting today, @awscloud #AppRunner services can communicate with private endpoints hosted in your VPCs. Simply create a VPC connector by specifying subnet(s) and security group(s) to control egress access from your service to your VPC. /1
aws.amazon.com/blogs/aws/new-…
aws.amazon.com/blogs/aws/new-…
If you are not already familiar with AWS #AppRunner, here is a mini thread with useful links to get started. It is easy to get a secure, auto-scaled, highly-available web app running within a few minutes: /2
#AppRunner is built on #ECS #Fargate. VPC connectors are a new, simple, secure and scalable option for your containers to privately access your VPCs in Fargate, exposed in #AppRunner. /3
aws.amazon.com/fargate/
aws.amazon.com/fargate/
Bırakın $ırıngaları da Avrupa'da en fazla kenevir ekili alan niçin ve nasıl Fransa'da ona bakalım..
Keneviri de Fransa'yı da anlatılmadığı gibi anlayalım.
#oxygen #oksijen #PCR #maske #testkiti #ECS #EKS
#Anandamide #hempoil #cannabisindustry #cannabisculture #CannabisCommunity
Keneviri de Fransa'yı da anlatılmadığı gibi anlayalım.
#oxygen #oksijen #PCR #maske #testkiti #ECS #EKS
#Anandamide #hempoil #cannabisindustry #cannabisculture #CannabisCommunity
1- Bugün İstanbul Lisesi olarak kullanılan Düyun-u Umumiye Binası'nın ana kapısı. Düyun-u Umumiye (Düyun-u Umumiye-i Osmaniye Varidat-ı Muhassasa İdaresi), 1881-1923 yılları arasında Osmanlı İmparatorluğu'nun iç ve dış borçlarını denetleyen kurumdur.
2- Navarin Bozgunu, Osmanlı ve Mısır donanmalarıyla, birlikte hareket eden Britanyalı, Fransız ve Rus donanmaları arasında; 20 Ekim 1827 tarihinde geçmiş olan bir deniz muharebesidir. Bu muharebe Osmanlı tarihinde , Navarin Baskını veya Navarin Faciası adlarıyla da geçer.
Today during the #reInvent keynote, we have announced Amazon #EKS on #Fargate. So proud of my team! AWS customers can now run both native #ECS tasks as well as #Kubernetes pods on Fargate. In this thread, I'll try to explain our reasoning behind some major design decisions. 1/n
