If you have a PCI question that is not related to anything I have posted, you are welcome to post it here. I will do the best I can to respond to your questions. If other readers wish to weigh in on questions posted here, their comments are also welcome.
To those of you that have issues with this page and its load time, blame WordPress. This is a “free” blog and to fix this issue would require a ‘Business’ subscription that would cost $300/year (2018) to access the necessary plugins to reorganize the comments to multiple pages. To afford that, I would have to charge a subscription fee to anyone reading the blog.
Remember though, I am a QSA and consultant. So I am not going to “give away the store” as I am in the business of selling my expertise.
Do you have any insight to share with PCI Compliance and AWS Kubernetes?
The only insight I can provide is to follow the security and hardening guide provided for the K8 environment in AWS. Sadly, K8 varies from AWS, Azure, GCP and other environments. As a result, what works to secure K8 in one does not translate to any other environment.
In your opinion, would Oracle Transparent Data Encryption (TDE) in Tablespace mode be “disk-level or partition-level” encryption, or “column-, or field-level database encryption”? (As described by PCI DSS 4.0, requirement 3.5.1.2 and 3.5.1.3)
As I understand it, Tablespace mode is encrypting the entire table, which is not disk- or partition-level; it is table-level encryption. So anyone with access to the table has access to all of the data in the table based on the views they have access to.