Security News
The Risks of Misguided Research in Supply Chain Security
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
@aws-quickstart/ssp-amazon-eks
Advanced tools
![GitHub](https://img.shields.io/github/license/aws-quickstart/quickstart-ssp-amazon-eks) ![Build](https://codebuild.us-west-2.amazonaws.com/badges?uuid=eyJlbmNyeXB0ZWREYXRhIjoiTWxBQzVUcTBvdSsvbE9mR0ZWeTJjbi96OUpBREorSG51UjMzQ1UyNXdmUzZ2dUJoTkhIODFJWjN2Qj
Welcome to the Amazon EKS SSP Quickstart
repository.
This repository contains the source code for the ssp-amazon-eks
NPM module. ssp-amazon-eks
is a CDK construct that makes it easy for customers to build and deploy a Shared Services Platform (SSP) on top of Amazon EKS.
For complete project documentation, please see our official project documentation site.
A Shared Services Platform (SSP) is an internal development platform that abstracts the complexities of cloud infrastructure from developers, and allows them to deploy workloads with ease. As SSP is typically composed of multiple AWS or open source products and services, including services for running containers, CI/CD pipelines, capturing logs/metrics, and security enforcement. The SSP packages these tools into a cohesive whole and makes them available to development teams as a service. From an operational perspective, SSPs allow companies to consolidate tools and best practices for securing, scaling, monitoring, and operating containerized infrastructure into a central platform that can then be used by developers across an enterprise.
Customers can use this QuickStart to easily architect and deploy a multi-tenant SSP built on EKS. Specifically, customers can leverage the ssp-amazon-eks
module to:
To view a library of examples for how you can leverage the ssp-amazon-eks
, please see our SSP Patterns Repository.
You can also find a sample implementation that resides in this repository in bin/main.ts
.
First, make sure you have the aws-cli
installed. To verify your installation, run the following:
aws --version
# output aws-cli/2.2.3 Python/3.9.5 Darwin/20.3.0 source/x86_64 prompt/off
Install CDK matching the current version of the SSP QuickStart (which can be found in package.json).
npm install -g aws-cdk@1.143.0
Verify the installation.
cdk --version
# must output 1.143.0
Create a new CDK project. We use typescript
for this example.
cdk init app --language typescript
Bootstrap your environment.
cdk bootstrap aws://<AWS_ACCOUNT_ID>/<AWS_REGION>
Run the following command to install the ssp-amazon-eks
dependency in your project.
npm i @aws-quickstart/ssp-amazon-eks
Replace the contents of bin/<your-main-file>.ts
(where your-main-file
by default is the name of the root project directory) with the following:
import 'source-map-support/register';
import * as cdk from '@aws-cdk/core';
import * as ssp from '@aws-quickstart/ssp-amazon-eks';
const app = new cdk.App();
// AddOns for the cluster.
const addOns: Array<ssp.ClusterAddOn> = [
new ssp.addons.ArgoCDAddOn,
new ssp.addons.CalicoAddOn,
new ssp.addons.MetricsServerAddOn,
new ssp.addons.ClusterAutoScalerAddOn,
new ssp.addons.ContainerInsightsAddOn,
new ssp.addons.AwsLoadBalancerControllerAddOn(),
new ssp.addons.VpcCniAddOn(),
new ssp.addons.CoreDnsAddOn(),
new ssp.addons.KubeProxyAddOn(),
new ssp.addons.XrayAddOn()
];
const account = 'XXXXXXXXXXXXX'
const region = 'us-east-2'
const props = { env: { account, region } }
new ssp.EksBlueprint(app, { id: 'east-test-1', addOns}, props)
Note: if the account/region combination used in the code example above is different from the initial combination used with cdk bootstrap
, you will need to perform cdk bootstrap
again to avoid error.
Please reference CDK usage doc for detail.
Deploy the stack using the following command
cdk deploy
This will provision the following:
The ecosystem of tools that have developed around Kubernetes and the Cloud Native Computing Foundation (CNCF) provides cloud engineers with a wealth of choice when it comes to architecting their infrastructure. Determining the right mix of tools and services however, in addition to how they integrate, can be a challenge. As your Kubernetes estate grows, managing configuration for your clusters can also become a challenge.
AWS customers are building internal platforms to tame this complexity, automate the management of their Kubernetes environments, and make it easy for developers to onboard their workloads. However, these platforms require investment of time and engineering resources to build. The goal of this QuickStart is to provide customers with a tool chain that can help them deploy a Well-Architected platform on top of EKS with ease. The ssp-amazon-eks
framework provides logical abstractions and prescriptive guidance for building a platform. Ultimately, we want to help EKS customers accelerate time to market for their own platform initiatives.
For architectural details, step-by-step instructions, and customization options, see our official documentation site.
To post feedback, submit feature ideas, or report bugs, use the Issues section of this GitHub repo.
To submit code for this Quick Start, see the AWS Quick Start Contributor's Kit.
This library is licensed under the Apache 2.0 License.
FAQs
![GitHub](https://img.shields.io/github/license/aws-quickstart/quickstart-ssp-amazon-eks) ![Build](https://codebuild.us-west-2.amazonaws.com/badges?uuid=eyJlbmNyeXB0ZWREYXRhIjoiTWxBQzVUcTBvdSsvbE9mR0ZWeTJjbi96OUpBREorSG51UjMzQ1UyNXdmUzZ2dUJoTkhIODFJWjN2Qj
We found that @aws-quickstart/ssp-amazon-eks demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.