Our great sponsors
-
containers-roadmap
This is the public roadmap for AWS container services (ECS, ECR, Fargate, and EKS).
-
registry.k8s.io
This project is the repo for registry.k8s.io, the production OCI registry service for Kubernetes' container image artifacts
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Authenticated registry PTC is on the roadmap and we'd appreciate a +1 vote if you want support in ECR https://github.com/aws/containers-roadmap/issues/1584
For example: if you only allow cluster autoscaler and metrics server from registry.k8s.io you can pull those images through the cache as someone who has create repo IAM privileges. If someone without create repo privileges tries to pull a new image it will fail because they can't create the initial repo.
Related posts
- Automatically tag your Docker images as vulnerable in ECR
- Threat Detection on EKS – Comparing Falco and GuardDuty For EKS Protection
- EKS, grupos IAM, "dono do cluster" e system:masters
- Architecting for Resilience: Crafting Opinionated EKS Clusters with Karpenter & Cilium Cluster Mesh — Part 1
- Running a Web Application with 100% AWS Fargate Spot Containers 🤘