AWS re:Invent 2015: A guide to Amazon's sold-out event
A comprehensive collection of articles, videos and more, hand-picked by our editors
The use of shared computing resources is a central tenant of public cloud. It allows cloud providers to maximize...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
the use of available resources while consumers potentially share the same servers -- and OS components in the case of containers. Some enterprises see potential security hazards in this paradigm. Container technology promises native security and isolation, but AWS supplies its own tools for containers running on EC2 instances.
Amazon EC2 Container Service (ECS) allows users to specify which Amazon container instances are exposed to the Internet, specify the IP range used for the virtual private cloud (VPC) hosting each instance and connect local IT to the VPC using encrypted IPsec virtual private network connections. There's no need to store or load container instances from public cloud sources; they can be reached from private Docker registries within the VPC.
IT teams also use high levels of control over security in the Amazon ECS cloud environment. ECS containers run on top of Elastic Compute Cloud (EC2) services, allowing users to manage the OS and security settings of container instances, such as adjusting OS security, managing patches, reviewing logs from AWS tools like AWS CloudTrail and running other monitoring tools. Admins can launch an Amazon container and tasks with different settings to tailor security according to each workload.
Amazon ECS security also provides control over authorized container users. For example, EC2 supports AWS identity and access management policies for specific container roles and users. This allows container creators and managers to stipulate roles to help prioritize load balancing and create user policies to limit access. Security groups and network access control lists are available to further restrict incoming and outgoing network traffic between container instances.
How can we save money in Amazon EC2 Container Service?
Benefits of using Amazon EC2 Container Service with Docker
AWS EC2 Container Service eases Docker deployment
Related Q&A from Stephen J. Bigelow
Live migration of VMs isn't a new technology, but vMotion encryption adds a unique layer of security because the user isn't encrypting the network.continue reading
When our IT teams change a cloud configuration, a lot of application data and dependencies change too. How does AWS compile this data for customers?continue reading
SysOps teams must maintain consistent workload performance, meet compliance and security standards, as well as other IT tasks. AWS Config helps ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.