Securing and Protecting Containers in AWS Fargate

Amazon Web Services (AWS) is a dominant cloud platform. Amazon offers a vast and growing array of resources and services to help customers embrace and effectively leverage cloud computing. Containers also make up a big part of what AWS has to offer. Amazon already has EC2, its containers-as-a-service platform, and recently added Fargate, a serverless computing platform for containers.

What Is Fargate?

Containers are all the rage. They’ve transformed the way organizations develop, deploy, and maintain applications and provide significantly greater agility and scalability. Docker didn’t invent containers, but it did make them a household word, and now there’s a plethora of container and container orchestration options out there. Most of them, however, still require that you deploy and manage servers or clusters for the containers to run on. That’s where Fargate comes in.

AWS Fargate takes the servers out of the equation. Amazon explains, “With AWS Fargate, you no longer have to provision, configure, and scale clusters of virtual machines to run containers. This removes the need to choose server types, decide when to scale your clusters, or optimize cluster packing.”

Put simply, Fargate eliminates infrastructure from the equation. You can focus on creating and deploying application workloads, without having to concern yourself with the operating system of the host, or the container orchestration layer, or how to configure and manage the underlying infrastructure in general.

Securing AWS Fargate

Removing infrastructure, however, does not remove security concerns. There may be fewer or different risks to worry about because you’ve eliminated the host operating system, orchestration layer, and other potential attack vectors, but it also creates some unique issues. The containers themselves still need to be secured and protected, but most container security solutions rely on the underlying infrastructure to function.

Layered Insight takes care of this problem by embedding the visibility and protection directly into each individual container. “To address the security and compliance requirements of these new applications and infrastructure, it’s time to embed security into the process and technology from the beginning,” says Asif Awan, co-founder and Chief Technology Officer for Layered Insight.

A blog post from Layered Insight explains, “Getting deep visibility and control into all the activities and behavior of each application container running on AWS Fargate is quick and easy. Simply deploy Layered Insight and configure it to access AWS Elastic Container Registry (ECR), identifying where application container images are stored.”

You can take advantage of the development and operational benefits of Fargate and move to a serverless infrastructure, but don’t sacrifice security. Find a container-native security solution that will still work effectively in a serverless environment.

Tony Bradley: I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 4 dogs, 7 cats, a pot-bellied pig, and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at tony@xpective.net. For more from me, you can follow me on Threads, Facebook, Instagram and LinkedIn.