Spotlight

Using AWS IAM with STS as an identity Provider

Jonathan Merlevede

This article explains how EKS authentication tokens work by pre-signing AWS STS GetCallerIdentity calls, and how you can use this technique to implement IAM-based authentication in your own services.

More articles →

Tools and utilities

  • KSail: Kubernetes SDK

    KSail is a unified Kubernetes SDK that simplifies cluster management and workload deployment by providing a single, declarative interface for all your Kubernetes operations.

  • Jib: containerize your Java applications

    Jib builds optimized Docker and OCI images for your Java applications without a Docker daemon.

  • Push-to-K8s: secret sync

    Push-to-K8s is a Kubernetes controller written in Go that automatically synchronizes labeled secrets from a source namespace to all other namespaces in the cluster with real-time change detection propagating updates in 5-10 seconds.

  • Kuba: kubectl wizardry

    Kuba enhances kubectl with fuzzy argument selection using fzf, new output formats like fx and lineage, cross-namespace operations, automatic container guessing, and an extensible alias language.

  • Capacitor: FluxCD UI

    Capacitor is a local-first Kubernetes client with a built-in webserver that provides a general-purpose UI for FluxCD, including resource discovery, Helm history, diffing, the Flux resource tree, and multi-cluster support that respects RBAC.

More projects →

Events starting soon

Discover more events onn Kube Events →

From ECS to Kubernetes: A Real Migration Story
From ECS to Kubernetes: A Real Migration Story

Migrating from ECS to Kubernetes sounds straightforward — until you hit spot capacity failures, firewall rules silently dropping traffic, and memory metrics that lie to your autoscaler.

Radosław Miernik, Head of Engineering at aleno, walks through a real production migration: what broke, what they missed, and the fixes that made it work.

In this interview:

  • Running Flux and Argo CD together — Flux for the infra team, Argo CD's UI for developers who don't want to touch YAML
  • How the wrong memory metric caused OOM errors, and why switching to jemalloc cut memory usage by 20%
  • Splitting WebSocket and API containers into separate deployments with independent autoscaling

Four months of migration, over 100 configuration changes in the first month, and a concrete breakdown of what platform work looks like when you can't afford downtime.

Learn from production

More case studies →

Matching jobs

    • Data Engineer with Bloomreach

    • Salary: €45.6K a year

    • Location: remote from

    • Tech stack: Kubernetes, GCP, Python, Go, SQL, Scala, Java, Mongo, Redis, Snowflake

    • Data Engineer with ezCater, Inc

    • Salary: $79.08K to $93.6K a year

    • Location: remote from

    • Tech stack: Kubernetes, AWS, Docker, SQL, Python, Snowflake, Airflow

    • DevOps Engineer with Accenture Federal Services

    • Salary: $86.4K to $176.2K a year

    • Location: remote from

    • Tech stack: Kubernetes, AWS, Docker, Python, Java, Javascript, Shell, C++

    • DevOps Engineer with AssureSoft - Careers

    • Salary: $27K to $344K a year

    • Location: fully remote

    • Tech stack: Kubernetes, Azure, AWS, Helm, Docker, Powershell, Shell, Python, Terraform, Azure DevOps

    • DevOps Engineer with Bottomline

    • Salary: $27K to $344K a year

    • Location: fully remote

    • Tech stack: Kubernetes, Azure, Helm, Docker, SQL, Powershell, C#, ARM templates, Azure DevOps

Discover more Kubernetes jobs on Kube Careers →

Subscribe to Learn Kubernetes Weekly

Trusted by 77K engineers. Delivered 171 issues and counting.

or subscribe via

Build something

More tutorials →

Call for Papers closing soon

  1. 0

    days

    KCD Beijing 2026

    The Call For Paper is open until 24 February 2026 at GMT-5. More info →

    • Location: Beijing, CN

    • In-person conference organized by KCD Beijing.

    • The conference starts on the 21 March 2026.

    • Apply here

  2. 2

    days

    Devopsdays Austin

    The Call For Paper is open until 26 February 2026 at GMT-5. More info →

    • Location: Austin, TX, USA

    • In-person conference organized by Devopsdays.

    • The conference starts on the 5 May 2026.

    • Apply here

  3. 3

    days

    AI Native DevCon London 2026

    The Call For Paper is open until 27 February 2026 at GMT-5. More info →

    • Location: London, GB

    • In-person conference organized by AI Native Dev.

    • The conference starts on the 2 June 2026.

    • Apply here

  4. 3

    days

    Kubernetes Community Days Kuala Lumpur 2026

    The Call For Paper is open until 27 February 2026 at GMT-5. More info →

    • Location: Kuala Lumpur, MY

    • In-person conference organized by KCD Kuala Lumpur 2026.

    • The conference starts on the 27 June 2026.

    • Apply here

  5. 4

    days

    Container Days Hamburg 2026

    The Call For Paper is open until 28 February 2026 at GMT-5. More info →

    • Location: Hamburg, DE

    • In-person conference organized by Container Days.

    • The conference starts on the 4 September 2026.

    • Apply here

  6. 4

    days

    IEEE Cloud Summit 2026

    The Call For Paper is open until 28 February 2026 at GMT-5. More info →

    • Location: Washington, D.C., USA

    • In-person conference organized by IEEE Technical Committee on Cloud Computing.

    • The conference starts on the 26 June 2026.

    • Apply here

  7. 4

    days

    The Cloud & AI Summit 2026

    The Call For Paper is open until 28 February 2026 at GMT-5. More info →

    • Location: St. Louis, MO, USA

    • In-person conference organized by The Cloud and AI Summit.

    • The conference starts on the 2 October 2026.

    • Apply here

Thanks to our sponsors who make Kube Today possible

Find out more about being a sponsor →

More articles

Even more articles →