Continuous Compliance on AWS using AWS Config Rules

How does compliance work in many organizations? From what I’ve seen, it might look something like this: ‘Internal compliance is conducting an audit in three weeks, we need to make sure we’re compliant with all of our internal policies’. What ensues is a heroic effort of people discovering or creating documents and other artifacts indicating what Read more…

DevOps Culture: Building Confidence in Delivery

Delivering software as rapidly as your technology and business will allow should be the main goal of any organized engineering team. Each organization, project and team must define what the cadence of delivery will be. Regardless of the frequency of your deployments, it’s the responsibility of your DevOps team to provide the guidance and technology Read more…

Segregation of Duties on AWS

In the book, Accelerate, by Forsgren, et al., it states the following about Segregation of Duties:   What About Segregation of Duties?…First, when any kind of change is committed, somebody who wasn’t involved in authoring the change should review it either before or immediately following commit to version control. Second, changes should only be applied Read more…

Troubleshooting AWS CodePipeline Artifacts

AWS CodePipeline is a managed service that orchestrates workflow for continuous integration, continuous delivery, and continuous deployment. With CodePipeline, you define a series of stages composed of actions that perform tasks in a release process from a code commit all the way to production. It helps teams deliver changes to users whenever there’s a business Read more…

DevOps on AWS Radio: AWS in Action – Michael and Andreas Wittig (Episode 18)

In this episode, Paul Duvall and Brian Jakovich cover recent DevOps on AWS news along with a discussion with Michael and Andreas Wittig who are the authors of the best selling book, Amazon Web Services in Action.  Here are the show notes: DevOps on AWS News State of DevOps Report has been released Configure Cross-Account Read more…

DevOps on AWS Radio: Serverless Architectures and Security – Ory Segal (Episode 17)

In this episode, Paul Duvall and Brian Jakovich cover recent DevOps on AWS news along with a discussion with Ory Segal, CTO and Co-Founder at PureSec about Serverless Architectures and Security. Here are the show notes: DevOps on AWS News Casey Lee – AWS Container Hero Screencast: Continuous Delivery for Machine Learning with AWS CodePipeline and Read more…

DevOps Culture: An Automation-First Mentality

Automation is one of the key principles of a strong DevOps culture because it has such a high return on investment. How can you be confident in your software unless you’ve had a real person validate it? We continue the DevOps Culture series with discussing how automation takes your team’s confidence beyond the commit and Read more…

DevOps on AWS Radio: Continuous Delivery at Netflix – Adam Jordens (Episode 16)

In this episode, Paul Duvall covers recent DevOps on AWS news and interviews Adam Jordens, an engineer on the Delivery Platform Team at Netflix.  Here are the show notes: DevOps on AWS News AWS Limit monitor – AWS Answers  Keeping your Secrets Secret – AWS Secrets Manager and AWS CloudFormation to Automate Secrets Management Socket.io chat app Read more…

DevOps on AWS Radio: Big Data – Robert Murphy (Episode 15)

In this episode, Paul Duvall and Brian Jakovich cover recent DevOps on AWS news along with a discussion with Robert Murphy, who is a Senior DevOps Automation Engineer at Stelligent. Here are the show notes: DevOps on AWS News Validating AWS CloudFormation templates with cfn_nag and mu Serverless CloudFormation Linting in AWS CodePipeline Custom rule Read more…