While organizations gain agility and scalability when they migrate to containers and microservices, they also benefit from compliance and security, advantages that are often overlooked. In this session, Kelvin Zhu, lead software engineer at Okta, joins Mitch Beaumont, enterprise solutions architect at AWS, to discuss security best practices for containerized infrastructure. Learn how Okta built their development workflow with an emphasis on security through testing and automation. Dive deep into how containers enable automated security and compliance checks throughout the development lifecycle. Also understand best practices for implementing AWS security and secrets management services for any containerized service architecture.
29. 1. Pre ENI Attachment: The primary ENI
(eth0) is in the default namespace
Default/Root Global Namespace
docker0
eth0
lo
30. 1. Pre ENI Attachment: The primary ENI
(eth0) is in the default namespace
2. ENI Attached: The new ENI (eth1) is in
the default namespace.
Default/Root Global Namespace Default/Root Global Namespace
docker0 docker0
eth0
lo lo
eth0
eth1
31. Default/Root Global Namespace Default/Root Global Namespace
Default/Root Global Namespace
docker0 docker0
eth0
lo lo
eth0
eth1
lo
eth0
docker0
ecs0
eth1
lo ve-
c1
3. ENI Provisioned: The ECS Agent
invokes CNI plugins to move the new ENI
into a new namespace and configure it
with the addresses and routes.
1. Pre ENI Attachment: The primary ENI
(eth0) is in the default namespace
2. ENI Attached: The new ENI (eth1) is in
the default namespace.