View Blog Post

Continuous Deployment for Serverless Applications on AWS

When using serverless on AWS, you do not need to worry about load balancing, auto scaling, operating system management, managing utilization, or underlying hardware failures. All of it is abstracted from you so that you can focus on coding. What’s more, since you only pay for what you use, you can do more experimentation. It Read more…

View Blog Post

Development Acceleration Through VS Code Remote Containers: How We Leverage VS Code Remote Containers For Rapid Development of cfn_nag

This is the final blog post in a three-part series about the use of the Visual Studio Code Remote – Containers extension. The first post went over the benefits and general concepts of using a dev container to develop a project. The second showed some basic examples on how to get started along with introducing Read more…

View Blog Post

Building Developer Sandboxes on AWS with Attribute-based access control (ABAC)

Identity Management had a curious beginning in the early 1500s in England, where parish churches kept elaborate written records “for the purpose of preventing bigamy and consanguineous marriage.” It was the invention of the automobile 400 years later that furthered the creation of personal identification when in 1903 two US states issued the first driver’s Read more…

View Blog Post

Development Acceleration Through VS Code Remote Containers: Setting Up a Foundational Configuration

This blog post is the second in a three-part series about the Visual Studio Code Remote – Containers extension. The first post went over the benefits and general concepts of using a container for development work on a project. This post will go over some instructions on how to implement this for a project, basic Read more…

View Blog Post

Development Acceleration Through VS Code Remote Containers: An Introduction

This blog post will be part one of a three-part series on Visual Studios Code Remote – Containers. Prior knowledge of Visual Studios Code editor is recommended to better understand the items discussed in this series; more information can be found here. Part one will explain the general concepts of utilizing VS Code Remote – Read more…

View Blog Post

Three Ways: Event Driven Architecture

As the complexity and scale of our AWS use cases grow, so too does the complexity of  monitoring and managing our AWS accounts. Whether these concerns revolve around maintaining corporate compliance objectives, hardening accounts against attackers, or simply controlling cost, the enforcement mechanisms can involve some serious logic. With the advent of AWS Cloudwatch Events Read more…

View Blog Post

Run AWS CloudFormation tests from CodePipeline using TaskCat

The AWS QuickStart team open sourced a project they use for automated testing of CloudFormation templates called TaskCat. With TaskCat, you can run automated tests to learn of and fix any errors that arise in your CloudFormation templates. If you have been using CloudFormation for any period of time, you will learn that even if Read more…

View Blog Post

Automate Encryption in Transit with AWS Certificate Manager

Traditionally, managing transport layer security (TLS) digital certificates that are used for encrypting data in transit between clients and servers has been a very manual process. In 2016, Amazon Web Services began offering the AWS Certificate Manager (ACM) – a service for managing these digital certificates. By using AWS CloudFormation and AWS CodePipeline, you can Read more…

View Blog Post

Continuous Compliance on AWS with CodePipeline and CloudFormation

Whether it’s in or out of the cloud, most IT compliance usually comes in the form of a multitude of checklists – like the one you see below. It might be a spreadsheet, website, or other “digital” tool but, in the end, it’s still checklists that software teams must comply with by filling out forms Read more…

View Blog Post

Continuous Compliance on AWS Workflow

It’s 7:37 AM on a Sunday. You’re in the Security Operations Center (SOC) and alarms and emails are seemingly being triggered everywhere. You and a colleague are combing through dashboards and logs to determine what is causing these alerts. After running around with your “hair on fire” for around 30 minutes, you finally determine that Read more…