Automating Penetration Testing in a CI/CD Pipeline (Part 2)

Continuous Security: Security in the Continuous Delivery Pipeline is a series of articles addressing security concerns and testing in the Continuous Delivery pipeline. This is the sixth article in the series. In the first post, we discussed what OWASP ZAP is, how it’s installed, and how to automate that installation process with Ansible. This second article of Read more…

Create a Pipeline for Elastic Beanstalk in CodePipeline using CloudFormation and CodeCommit

In Building Continuous Deployment on AWS with AWS CodePipeline, Jenkins and AWS Elastic Beanstalk, AWS describes how to manually configure CodePipeline to deploy an Elastic Beanstalk application. In this post, after describing how to create and connect to a new CodeCommit repository, I’ll explain how to fully automate the provisioning of all of the AWS resources Read more…

Security Integration Testing (Part 1): Resource Monitoring with AWS Config Rules

Continuous Security: Security in the Continuous Delivery Pipeline is a series of articles addressing security concerns and testing in the Continuous Delivery pipeline. This is the third article in the series. Introduction: In a Continuous Delivery pipeline it is imperative to enforce infrastructure security policies and ensure that any new code or infrastructure changes don’t result Read more…

Finding Security Problems Early in the Development Process of a CloudFormation Template with “cfn-nag”

This is an older post. For newer information on cfn_nag and DevSecOps, please check out these posts: Development Acceleration Through VS Code Remote Containers: How We Leverage VS Code Remote Containers For Rapid Development of cfn_nag; Custom Rule Distribution Enhancements for cfn_nag; Is My Container Image Secure? CI/CD Container Scanning using Trend Micro Deep Security Read more…

Continuous Security: Security in the Continuous Delivery Pipeline

Continuous Security is the addressing of security concerns and testing in the Continuous Delivery pipeline, and is as much a part of continuous delivery as operations, testing, or security is a part of the DevOps culture. This article is the first in a series which talks about ways of integrating security testing/validation of both software Read more…

Automating AWS CodeDeploy Provisioning in CloudFormation

Over the past few weeks, I’ve been describing how I’m automating the provisioning of several of the AWS Code Services including CodePipeline and Custom CodePipeline Actions. This time, I’m describing a way of provisioning AWS CodeDeploy in CloudFormation. For now, I’m doing the automation against a generic application provided by AWS. I’ll apply it to our Read more…

Stelligent AWS Continuous Delivery Demo Screencast

See the YouTube screencast and transcript below of a Continuous Deployment pipeline demonstration for a Node.js application using AWS services such as EC2, DynamoDB, Route 53, ENI and VPC and tools such as AWS CodePipeline, Jenkins, Chef and AWS CloudFormation. Open source code is available at https://github.com/stelligent/dromedary. Transcript: In this screencast, you’ll see a live Read more…

Continuous Delivery in AWS tools we use

On a routine basis, we get asked which tools we use at Stelligent in delivering our solutions. Sometimes it’s a company interested in our services. Other times, it’s someone going through our hiring process (yes, we are hiring!). So, I’ve put together a list of the tools that we use in implementing Continuous Delivery in Amazon Web Services (AWS). All of our work Read more…

Deployment Pipeline in Amazon Web Services – Support Infrastructure

In the introduction to this series on deployment pipelines in Amazon Web Services (AWS), I covered the nine “stages” that we use as a starting point for our Continuous Delivery in AWS implementations at Stelligent. This first “stage” I’ll be describing is on establishing the support infrastructure for the deployment pipeline. It’s not what I think Read more…