Introduction The cfn_nag tool is a static analysis tool for finding obvious security weaknesses in CloudFormation templates. The core product includes rules that apply universally across environments and enterprises. That said, the product supports the development of custom rules to allow enterprise-specific rules for compliance and security controls. For more information on developing custom rules Read more…
Many enterprises attempt to drive software development and delivery towards a DevOps mindset. Likewise, organizations struggle with increasing security challenges while adopting these innovative software practices. Embedding security within the deployment lifecycle is non-negotiable. Therefore, integration of security into CI/CD workflows need be done cautiously to meet an ever-evolving technology landscape. DevSecOps is an important Read more…
In this episode, we chat with Michael Wittig an AWS Community Hero prior to re:Invent 2019 with some of our hopes and expectations of the conference, and we also dive into a number of topics including Michael’s most recent book. In this episode, Paul Duvall and Michael Wittig will give you an overview of the Read more…
This article will walk you through the process necessary to create a wrapper gem with custom rules for cfn_nag. Read more…
If you want to get into microservices, but aren’t ready to take the container plunge, you can deploy mu projects directly to AWS EC2 instances. Using mu’s EC2 mode, you can leverage the benefits of microservices without containerization, and speed up development feedback loops. Read more…
This is an older post. For newer information on cfn_nag and mu, please check out these posts: Development Acceleration Through VS Code Remote Containers: How We Leverage VS Code Remote Containers For Rapid Development of cfn_nag Custom Rule Distribution Enhancements for cfn_nag DevOps on AWS Radio: Mutato and Open Source at Stelligent (Episode 27) Stelligent Read more…
Use the AWS Serverless Application Repository to deploy CodePipeline Dashboard solution Read more…
In this post, you’ll learn the process for creating and testing a mu extension. Read more…
Simple dashboard built for viewing pipeline metrics in AWS. Built using CloudWatch dashboards and metrics populated from CloudWatch events that CodePipeline triggers. Read more…
mu is an open-source, full-stack DevOps on AWS tool that simplifies and orchestrates your software delivery lifecycle (environments, services, and pipelines). Read more…