Security Topics with Serverless and EKS

Date
23 October

Location
New10
Mr.Treublaan 7
1097 DP Amsterdam

Register here

Thanks New10 for inviting the AWS community to your office!

Agenda

18:00 Registration & Food
19:00 Serverless Application Model (SAM) Security and Safety Best Practices
19:30 Serverless: Compliance at Speed
20:30 EKS IAM Roles & Security Best Practices
21:00 Drinks & Networking
21:30 End of the meetup

Serverless Application Model (SAM) Security and Safety Best Practices

Launching a simple serverless SAM application is easy. Making it secure, setting up monitoring, getting performance insights, and doing safe deployments, that is another thing. This is a very hands-on demo, so you should be a little bit familiar with (and not scared of) CloudFormation and Python. Expect to learn more about SAM, Lambda, API Gateway, IAM, X-Ray, CodeDeploy, CloudFormation, CloudWatch.

Speaker: Martijn van Dongen AWS Cloud Architect @ Binx.io / Founder and Organizer AWSug.nl meetups

Serverless: Compliance at Speed

In New10 we have to comply with a ton of policies and rules, as we operate in financial domain. At same time, we want to be agile and flexible in our way of working. We need to be able to provide best developer-experience for our devops and quality engineering teams. In this session we are going to share New10 experience with:

  • monitoring hundreds of Serverless projects and thousands of Lambda executions per minute;
  • tracing and logging all the way or how to be complained with regulator standards without blocking your developers;
  • DevSecOps way to automate AWS security tooling as well as DataDog, Snyk, PagerDuty, Sentry and etc;
  • remediations: automated and manual.

We tried plenty of different solutions, we failed a lot, we learned a lot. And we are eager to share our story with community.

Speakers: Kirill Kolyaskin, lead cloud engineer @ New10 and Pavel Kruhlei, lead quality engineer @ New10

EKS IAM Roles & Security Best Practices

Want to give AWS IAM permissions to a certain pod, but not the entire node? This used to require a third-party solution like kiam or kube2iam, but no more! In this session we’ll learn all about the recently added support for IAM roles for K8s service accounts, and discuss some general EKS security best practices while we’re at it.

Speaker: Ben de Haan, Security Consultant @ Xebia