Showing posts with the label s3

Using AWS EKS with CloudFront and WAF

Introduction

In previous articles, I guided you through using AWS EKS to create Kubernetes resources in the traditional way using yaml files or using KubernetesManifest directly via AWS CDK. The result is that we access the application directly through the LoadBalancer Address, but this is only an HTTP connection. To enhance security, in this article, we will explore how to use it alongside CloudFront for HTTPS connections and WAF. AWS WAF (Web Application Firewall) is a firewall service that protects web applications (delivered via CloudFront, ALB, or API Gateway) from common security vulnerabilities. Instead of just basic IP blocking, WAF deeply analyzes HTTP/HTTPS content to make decisions to allow or block requests.

Advantages

Protection against automated attacks: Effectively prevents common types of attacks such as SQL Injection, Cross-Site Scripting (XSS), and vulnerabilities in the OWASP Top 10.

Bot and DDoS Blocking: Uses AWS Managed Rules to block malicious bots from scraping ...

AWS EKS User Guide

Introduction

Amazon Elastic Kubernetes Service (AWS EKS) is a managed Kubernetes service on the AWS cloud platform. Instead of having to install, operate, and maintain a Kubernetes cluster from scratch yourself, AWS takes over the management of the system's "brain" (Control Plane), helping you focus entirely on deploying and running applications.

Advantages

Reduced administrative burden: AWS automatically performs difficult tasks such as version updates, security patching, and ensuring high availability for the Control Plane across multiple Availability Zones.

Optimal security: EKS integrates tightly with AWS security services such as IAM (for granular permissions for Pods), VPC (for network isolation), and AWS KMS (for data encryption).

Flexible scalability: You can easily increase or decrease the number of resources (nodes) based on the actual traffic of the application, helping to optimize costs.

Rich ecosystem: Easily connect with other AWS services such as CloudWatch...