Announcing HAQM Elastic Kubernetes Service (EKS) in AWS GovCloud (US)

HAQM Elastic Kubernetes Service (HAQM EKS) is now generally available in AWS GovCloud (US) Regions.

Now government organizations and commercial organizations in government-regulated industries who adopt Kubernetes as their standard for orchestrating containers can use HAQM EKS to deploy a managed Kubernetes cluster on AWS. According to the 2019 Cloud Native Computing Foundation survey of their community, HAQM EKS is the leading method for deploying Kubernetes.

HAQM EKS and AWS GovCloud (US)

Many customers use AWS GovCloud (US) Regions to run their mission-critical applications. As these applications are developed and modernized, customers are increasingly choosing to deploy their applications using containers to support DevSecOps initiatives. The United States Department of Defense (DoD) recently announced their DevSecOps (DSOP) Initiative, which standardizes the use of containers to package applications and Kubernetes to orchestrate containers across the DoD.

Containers provide a standard API for DevSecOps teams to build, test, secure, deploy, and run their applications across multiple environments. Customers build enterprise container registries on top of HAQM Elastic Container Registry (ECR) to secure their software supply chain, accelerate the software development process, and/or scale their applications to accomplish their mission. Kubernetes enables customers to deploy nearly every type of workload, including web applications, batch processing, machine learning (ML), mobile, scheduled tasks, workflows, and many more.

HAQM EKS deeply integrates Kubernetes with HAQM Web Services (AWS) to enable customers to leverage a broad range of services already available in AWS GovCloud (US), which include:

• AWS Identity and Access Management (AWS IAM): HAQM EKS uses IAM for centralized and secure authentication using STS tokens. AWS integrates this with kubectl for a seamless developer experience. Users can centrally manage access to the cluster with IAM roles with support for federated identity.
• HAQM Key Management Service (HAQM KMS): The AWS Encryption Provider integrates with HAQM KMS, enabling customers to use FIPS 140-2 validated cryptography to secure their Kubernetes Secrets.
• HAQM Elastic Load Balancing (HAQM ELB): HAQM EKS supports exposing Kubernetes Service’s using Classic Load Balancers and Network Load Balancers. You can expose ingress resources using the Application Load Balancer Ingress Controller.
• HAQM Virtual Private Cloud (HAQM VPC): HAQM EKS uses native VPC networking to facilitate container networking. AWS assigns pods to IP addresses from the VPC (or Secondary VPC) CIDR ranges. This supports VPC Flow Logs and Guard Duty, allowing customers to gain visibility into the container traffic.
• HAQM Elastic Container Registry (HAQM ECR): HAQM ECR is integrated with Kubernetes to enable organizations to pull their container images without ever leaving their network over private endpoints.
• HAQM Elastic Block Storage (HAQM EBS) and HAQM Elastic File System (HAQM EFS): HAQM EKS uses the Container Storage Interface (CSI) drivers to integrate EBS and EFS storage into containers. This enables you to mount HAQM EBS volumes and HAQM EFS file systems directly into containers.
• HAQM SageMaker: HAQM SageMaker Operators for Kubernetes makes it simple for developers and data scientists that use Kubernetes to train, tune, and deploy ML models in HAQM SageMaker.

HAQM EKS also supports upstream Kubernetes tools such as Cluster Autoscaler and Horizontal Pod Autoscaler so that customers can scale up to meet demand and scale down to save costs when resources are no longer needed.

Our AWS Partner Network (APN) Partners have deep expertise in helping commercial and public sector customers migrate their applications to containers on AWS. They have proven infrastructure, software, and industry-specific solutions that help you build and run your applications on Kubernetes. Several APN Technology Partners are using HAQM EKS today in other AWS regions to deliver containerized workloads.

Get started deploying kubernetes today

HAQM EKS in AWS GovCloud (US) supports managed and self-managed worker nodes. To get started, deploy a cluster using eksctl, the AWS Command Line Interface (CLI), the AWS Software Development Kit (SDK), or AWS CloudFormation.

Learn more about AWS GovCloud (US) Regions or contact the AWS GovCloud (US) team with questions. Visit the HAQM EKS product page to learn more about the service, and check out this HAQM EKS workshop.

Subscribe to the AWS Public Sector Blog newsletter to get the latest in AWS tools, solutions, and innovations from the public sector delivered to your inbox, or contact us.