CloudFormation Point-of-Change Compliance: Hooks First Impressions

Intro: Security and compliance controls are an important part of the software development life cycle. When organizations and teams move software delivery from months to hours, the processes related to compliance evaluation can become a bottleneck for delivery. In his article, “Compliance in a DevOps Culture,” Carl Nygard outlines different approaches teams can take to …

Stelligent and AWS Partnership: Built on Control Tower

Built on Control Tower: Mphasis Stelligent is proud to be an AWS Built on Control Tower Partner and a Management and Governance Partner! Find this blog interesting? Make sure you register and join us on Nov 17 for an AWS Control Tower Activation Day. Control Tower and BoCT Overview: Cloud transformation is a large undertaking. The setup and …

Abort, Rollback…Retry? Upcoming updates to CloudFormation

Upcoming updates to CloudFormation to enable faster and more productive development. CloudFormation templates are incredibly expressive, providing the ability to automate resource creation and configuration of many AWS services and create custom resources to accomplish an unlimited number of tasks. CloudFormation, by default, treats these stacks as single units while they are being created. If …

Security Response and Remediation Automation on AWS

Consider the following questions when it comes to the typical approach to security error detection and remediation in many enterprises today: How does security error detection occur? When and how often does it occur? Who is usually involved in fixing these security issues? What is the approach to fixing these issues? How long does it …

Stelligent U: Onboarding New Hires with a Standard Development Environment

Let’s imagine this scenario: Today is the first day of your new gig. With overwhelming nervous energy, you’re awake so early you wonder how people normally wake up at this hour, you even combed your hair today (maybe even showered?) and you’re ready to put your best foot forward and conquer the world. You have …

Infrastructure as Code and Stelligent U

At Stelligent, Infrastructure as Code (IaC) is foundational to our mantra of “Automate Everything”. This is reflected in our new engineer training, Stelligent U, which has recently been open-sourced. Throughout the training, we focus on creating and updating resources via CloudFormation. Even with templates provided as reference, the engineer is the ultimate decision-maker for building …

Removing Errors on CloudFormation Stack Creation

Overview: Administering AWS infrastructure through CloudFormation is one way to use Infrastructure as Code to simplify and replicate an environment. Here at Stelligent, we encourage using automation to apply CloudFormation templates. An early hurdle with CloudFormation one might encounter is a mistake that would break the initial creation of the stack. When CloudFormation fails during …

Generating Least Privileged IAM Roles for CloudFormation and Service Catalog with cfn-leaprog

CloudFormation Development Process and Privilege: As a developer works through the development of a CloudFormation template, they are likely working in a “sandbox” account where they have significant “power user” privileges. This is convenient in order to allow the developer to focus on the business needs, but what happens when the same template is converged …

Implementing Amazon Inspector in Automated AMI Pipelines

This is part two of a two-part series on Amazon Inspector. This article is about implementing Amazon Inspector in automated AMI pipelines. The first article is an Introduction to Amazon Inspector. Automated security scanning is an essential part of DevSecOps; however, setting the scanning up can be cumbersome. This quickstart incorporates Amazon Inspector and …

Thought Experiment: Proposed Complexity Metric for IAM Policy Documents

Code Complexity Metrics: When a professional software developer writes code, they measure the complexity of the code they write. The contrapositive holds true as well that those who don’t measure the complexity of their code are not professional. There are a variety of code complexity metrics available to the professional developer. The “better” metrics are …