EKS

Goal Ship a .NET service to EKS with a clean pipeline: GitHub Actions uses OIDC (no long‑lived AWS keys) Builds and pushes image to ECR Helm deploy with safe rolling updates (optional canary) Connect to RDS with TLS Optional: upload static assets to S3 Repo layout . ├── src/MyApi/. │ ├── Program.cs │ ├── MyApi.csproj │ └── Dockerfile ├── charts/api/ # simple Helm chart for the API │ ├── Chart.yaml │ ├── values.yaml │ └── templates/ │ ├── deployment.yaml │ ├── service.yaml │ ├── hpa.yaml │ └── ingress.yaml └── .github/workflows/deploy.yml Dockerfile (multi-stage, non‑root) ...