This talk by Dawid Ziolkowski at DevOpsDays Warsaw is a clear introduction to Istio. If you’ve heard of service meshes but never quite grasped what problems they solve, it’s a good place to start - it covers what a mesh gives you (traffic management, observability and mutual TLS between services) and how Istio implements it on top of Kubernetes.

In this talk, Chris Munns walks through building APIs with Amazon API Gateway - covering how it fits into a serverless architecture, the design choices you’ll face, and how to operate APIs in production. A solid primer if you’re putting an API Gateway in front of Lambda or your own backends.

In this talk, Paavan Mistry explains how to encrypt Kubernetes secrets at rest in etcd on Amazon EKS. By default, Kubernetes stores secrets only base64-encoded - not encrypted - so anyone who gains access to the API server or to etcd can read them in the clear. The talk shows how to use AWS KMS envelope encryption to protect secrets at rest, which is an easy win for anyone running EKS in production.