{"id":18332546,"url":"https://github.com/tigera-solutions/cc-eks-compliance","last_synced_at":"2025-04-09T18:39:22.291Z","repository":{"id":178134946,"uuid":"661400413","full_name":"tigera-solutions/cc-eks-compliance","owner":"tigera-solutions","description":"In this EKS-focused workshop, you will work with AWS and Calico Cloud to learn how to design and deploy best practices to achieve compliance with regulatory frameworks such as PCI, SOC2, HIPAA and others and secure your Kubernetes environment.","archived":false,"fork":false,"pushed_at":"2023-07-05T01:33:48.000Z","size":154,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-15T11:19:54.514Z","etag":null,"topics":["aws","cc","compliance","eks","regismartins","workshop"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tigera-solutions.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-07-02T18:13:28.000Z","updated_at":"2023-09-07T22:08:40.000Z","dependencies_parsed_at":null,"dependency_job_id":"848e30ed-8727-473e-94a3-d3e5a172e5b0","html_url":"https://github.com/tigera-solutions/cc-eks-compliance","commit_stats":null,"previous_names":["tigera-solutions/cc-eks-compliance"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tigera-solutions%2Fcc-eks-compliance","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tigera-solutions%2Fcc-eks-compliance/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tigera-solutions%2Fcc-eks-compliance/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tigera-solutions%2Fcc-eks-compliance/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tigera-solutions","download_url":"https://codeload.github.com/tigera-solutions/cc-eks-compliance/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248089392,"owners_count":21045897,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","cc","compliance","eks","regismartins","workshop"],"created_at":"2024-11-05T19:39:23.398Z","updated_at":"2025-04-09T18:39:22.273Z","avatar_url":"https://github.com/tigera-solutions.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# AWS Dev Days: Hands-on workshop: \u003cbr\u003e Achieving PCI, SOC2, HIPAA, NIST and GDPR compliance for containerized applications\n\n## Welcome\n\nIn this EKS-focused workshop, you will work with AWS and Calico Cloud to learn how to design and deploy best practices to achieve compliance with regulatory frameworks such as PCI, SOC2, HIPAA and others and secure your Kubernetes environment. \n\nEnterprises developing compliant cloud-native applications have two primary needs. First, they must secure and govern access to containerized workloads and the Kubernetes environment. Second, they need to simplify audit logging and compliance reporting. The Kubernetes environment is dynamic and distributed, and workloads are ephemeral, making enforcing compliance controls and providing continuous reporting difficult.\n\nThe purpose of this repository is to offer you a comprehensive, step-by-step guide on creating an AWS EKS cluster, registering it on Calico Cloud, and securing your cloud-native applications to meet compliance requirements. Although Calico Cloud provides a wide range of functionalities and security features, this workshop will concentrate on a few key features that effectively ensure compliance across multiple regulatory frameworks due to time constraints. If you would like to delve deeper into this topic, please don't hesitate to contact us.\n\n## Time Requeriments\n\nThe estimated time to complete this workshop is 60-90 minutes.\n\n## Target Audience\n\n- Cloud Professionals\n- DevSecOps Professional\n- Site Reliability Engineers (SRE)\n- Solutions Architects\n- Anyone interested in Calico Cloud :)\n\n## Learning Objectives\n\nLearn how to:\n- **Scan container images** and **block deployment** based on your security criteria during build time.\n- Preview and **enforce security policies** to protect vulnerable workloads.\n- Implement **zero-trust access controls** to prevent egress and lateral movement during runtime.\n- Implement **runtime security** with IDS/IPS, WAF, and malware detection.\n- Get **visibility** into Kubernetes cluster traffic to **troubleshoot** and **improve security**.\n\n## Modules\n\nThis workshop is organized in sequencial modules. One module will build up on top of the previous module, so please, follow the order as proposed below.\n\nModule 1 - [Prerequisites](/modules/module-1-prereq.md)  \nModule 2 - [Create an EKS cluster](/modules/module-2-create-eks.md)  \nModule 3 - [Connect the EKS cluster to Calico Cloud](/modules/module-3-connect-calicocloud.md)  \nModule 4 - [Scan Container Images](/modules/module-4-scan-images.md)  \nModule 5 - [Security Guardrails for Network-based Threats](/modules/module-5-security-guardrails.md)  \nModule 6 - [Configuring IDS protection and Workload-Centric WAF](/modules/module-6-ids-waf.md)  \nModule 7 - [Quarantine Infected Workloads and KSPM](/modules/module-7-quarantine-kspm.md)  \nModule 8 - [Clean up](/modules/module-8-clean-up.md)  \n\n--- \n\n### Useful links\n\n- [Project Calico](https://www.tigera.io/project-calico/)\n- [Calico Academy - Get Calico Certified!](https://academy.tigera.io/)\n- [O’REILLY EBOOK: Kubernetes security and observability](https://www.tigera.io/lp/kubernetes-security-and-observability-ebook)\n- [Calico Users - Slack](https://slack.projectcalico.org/)\n\n**Follow us on social media**\n\n- [LinkedIn](https://www.linkedin.com/company/tigera/)\n- [Twitter](https://twitter.com/tigeraio)\n- [YouTube](https://www.youtube.com/channel/UC8uN3yhpeBeerGNwDiQbcgw/)\n- [Slack](https://calicousers.slack.com/)\n- [Github](https://github.com/tigera-solutions/)\n- [Discuss](https://discuss.projectcalico.tigera.io/)\n\n\u003e **Note**: The examples and sample code provided in this workshop are intended to be consumed as instructional content. These will help you understand how Calico Cloud can be configured to build a functional solution. These examples are not intended for use in production environments.\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftigera-solutions%2Fcc-eks-compliance","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftigera-solutions%2Fcc-eks-compliance","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftigera-solutions%2Fcc-eks-compliance/lists"}