View Blog Post

Running Serverless Canary Deployments with AWS SAM

Many of us know that introducing large batches of changes into production is risky. However, because of complexity and many moving parts, it can also be risky when deploying changes in small batches – without the right techniques. One of the better ways of mitigating deployment risk is by gradually deploying small and frequent changes Read more…

View Blog Post

Continuous Deployment for Serverless Applications on AWS

When using serverless on AWS, you do not need to worry about load balancing, auto scaling, operating system management, managing utilization, or underlying hardware failures. All of it is abstracted from you so that you can focus on coding. What’s more, since you only pay for what you use, you can do more experimentation. It Read more…

View Blog Post

Custom Rule Distribution Enhancements for cfn_nag

Introduction The cfn_nag tool is a static analysis tool for finding obvious security weaknesses in CloudFormation templates.   The core product includes rules that apply universally across environments and enterprises.  That said, the product supports the development of custom rules to allow enterprise-specific rules for compliance and security controls. For more information on developing custom rules Read more…

View Blog Post

DevOps on AWS Radio: The Do’s and Dont’s of Containers with Michael Wittig (Episode 26)

In this episode, we chat with Michael Wittig an AWS Community Hero prior to re:Invent 2019 with some of our hopes and expectations of the conference, and we also dive into a number of topics including Michael’s most recent book. In this episode, Paul Duvall and Michael Wittig will give you an overview of the Read more…

View Blog Post

Automatically Remediate Noncompliant AWS Resources using Lambda

While enterprises are capable of rapidly scaling their infrastructure in the cloud, there’s a corresponding increase in the demand for scalable mechanisms to meet security and compliance requirements based on corporate policies, auditors, security teams, and others. For example, we can easily and rapidly launch hundreds of resources – such as EC2 instances – in Read more…

View Blog Post

DevOps on AWS Radio: AWS Serverless Adoption with Tom McLaughlin (Episode 23)

In this episode, Paul Duvall covers recent DevOps on AWS news along with a discussion with Tom McLaughlin, founder of the consultancy ServerlessOps. The two dive deep into all things serverless including; use cases, serverless adoption curve, organization structures, serverless security, and more! Here are the show notes: DevOps on AWS News AWS Cloud Development Kit Read more…

View Blog Post

DevOps on AWS Radio: Serverless Architectures and Security – Ory Segal (Episode 17)

In this episode, Paul Duvall and Brian Jakovich cover recent DevOps on AWS news along with a discussion with Ory Segal, CTO and Co-Founder at PureSec about Serverless Architectures and Security. Here are the show notes: DevOps on AWS News Casey Lee – AWS Container Hero Screencast: Continuous Delivery for Machine Learning with AWS CodePipeline and Read more…

View Blog Post

Lambda Backed Custom CloudFormation Resources

re:Invent is just around the corner (next week!), which means a bunch of new services and features will be announced, and they probably won’t have CloudFormation support for a few weeks. As the biggest CloudFormation fanboy of all time, this is probably the most difficult time of the year for me, as I want to use all the new goodies but feel kinda icky not Read more…