houssem eddin khoildi

My DevSecOps Learning Journey: Securing Containers and Kubernetes on AWS

As a DevSecOps Engineer, my focus is not only on building and deploying applications, but also on embedding security into every stage of the cloud and container lifecycle. Recently, I’ve been strengthening my hands-on experience with containers, Kubernetes, and AWS security services through practical training and real scenarios.

I began by working with Docker to containerize applications and better understand how images, dependencies, and runtime isolation work. From a security perspective, this helped me think more critically about image hardening, minimizing attack surface, and controlling what gets shipped into production.

I then moved into Kubernetes fundamentals, focusing on how workloads are deployed and managed using pods, deployments, and services. Beyond orchestration, I paid close attention to security-relevant concepts such as configuration management, isolation between workloads, and the importance of least privilege when running containerized applications.

To connect these concepts with real-world cloud environments, I explored Amazon EKS, which provides managed Kubernetes on AWS. This helped me understand how AWS handles control plane security while still allowing DevSecOps teams to enforce policies and security controls at the cluster and workload level.

Alongside containers and Kubernetes, I worked with several core AWS services that are critical for DevSecOps practices:

IAM, to manage fine-grained permissions and enforce least-privilege access

Amazon VPC, to design secure networking, subnets, and traffic boundaries

Security Groups and NACLs, to control inbound and outbound traffic

Amazon CloudWatch, to monitor logs, metrics, and detect abnormal behavior

AWS Secrets Manager, to securely manage sensitive configuration data

One of the most valuable aspects of this learning experience was troubleshooting security and configuration issues. I encountered challenges related to permissions, networking, and misconfigurations — situations that closely reflect real production environments. Resolving these issues reinforced the importance of automation, visibility, and security-by-design in cloud-native systems.

I’m sharing this experience because DevSecOps is not just about tools, but about mindset. By learning in public and sharing practical insights, I aim to help others adopt secure container and Kubernetes practices on AWS and avoid common security pitfalls.

This journey is ongoing, and I’m excited to continue deepening my expertise in cloud security, DevSecOps automation, and containerized workloads on AWS, while contributing knowledge back to the community.
