Integrating ROSA Applications with AWS Services (CS221)

Integrate applications on ROSA with AWS services while keeping a good security posture.

Course Description

• Integrate applications deployed on ROSA with AWS services in a way that cluster administrators and platform engineers retain control of credentials and roles required by applications to access AWS services instead of exposing those credentials to application developers.

• Note: This course is a “bring your own cloud” (and device) course. Red Hat Training does not provide a hands-on lab environment for this course. All associated AWS costs with any of the content must be paid through the student’s AWS account.

Course Content Summary

• Integrate with external container registries such as ECR and Quay.io to deploy applications from private image repositories

• Configure storage classes to enable application access to different EBS volume types

• Configure storage classes and security contexts to enable application access to shared EFS storage volumes

• Configure pod identity using STS/IRSA to enable application access to AWS services such as database (Aurora), integration (SQS), and object storage (S3)

• Provision AWS services for applications using the AWS Controllers for Kubernetes (ACK)

• Federate and query application metrics (application workload monitoring) with Amazon Managed Prometheus Service

• Aggregate and query structured application logs with Amazon CloudWatch

• Configure custom domains and TLS certificates for secure public access to applications