View Blog Post

Create and Connect to an AWS CodeCommit Repository

To create a new CodeCommit version-control repository, go to your AWS console and select CodeCommit under Developer Tools. Click the Create new repository button, enter a unique repository name and a description and click Create repository. Next, you will connect to the repository. Connect to the CodeCommit Repository There are a couple of ways to connect Read more…

View Blog Post

Automate CodeCommit and CodePipeline in AWS CloudFormation

Amazon Web Services (AWS) recently announced the integration of AWS CodeCommit with AWS CodePipeline. This means you can now use CodeCommit as a version-control repository as part of your pipelines! AWS describes how to manually configure this integration at Simple Pipeline Walkthrough (AWS CodeCommit Repository). One of the biggest benefits of using CodeCommit is its seamless Read more…

View Blog Post

Security Integration Testing (Part 1): Resource Monitoring with AWS Config Rules

Continuous Security: Security in the Continuous Delivery Pipeline is a series of articles addressing security concerns and testing in the Continuous Delivery pipeline. This is the third article in the series. Introduction In a Continuous Delivery pipeline it is imperative to enforce infrastructure security policies and ensure that any new code or infrastructure changes don’t result Read more…

View Blog Post

Finding Security Problems Early in the Development Process of a CloudFormation Template with “cfn-nag”

This is an older post. For newer information on cfn_nag and DevSecOps, please check out these posts: Development Acceleration Through VS Code Remote Containers: How We Leverage VS Code Remote Containers For Rapid Development of cfn_nag Custom Rule Distribution Enhancements for cfn_nag Is My Container Image Secure? CI/CD Container Scanning using Trend Micro Deep Security Read more…

View Blog Post

Continuous Security: Security in the Continuous Delivery Pipeline

Continuous Security is the addressing of security concerns and testing in the Continuous Delivery pipeline, and is as much a part of continuous delivery as operations, testing, or security is a part of the DevOps culture. This article is the first in a series which talks about ways of integrating security testing/validation of both software Read more…

View Blog Post

Serverless Delivery: Orchestrating the Pipeline (Part 3)

In the second post of this series, we focused on how to get our serverless application running with Lambda, API Gateway and S3. Our application is now able to run on a serverless platform, but we still have not applied the fundamentals of continuous delivery that we talked about in the first part of this Read more…

View Blog Post

Serverless Delivery: Bootstrapping the Pipeline (Part 2)

In the first of this three part series on Serverless Delivery, we took a look at the high level architecture of running a continuous delivery pipeline with CodePipeline + Lambda. Our objective is to run the Dromedary application in a serverless environment with a serverless continuous delivery pipeline. Before we can build the pipeline, we Read more…

View Blog Post

Create a Cross-Account Pipeline in AWS CloudFormation

When creating pipelines in AWS CodePipeline, you may want to make these pipelines available to other AWS accounts. When doing this, you’ll likely want to make these pipelines read only. A typical use case is that you want consistency for certain types of pipelines across an enterprise by providing a view of these pipelines to other Read more…