View Blog Post

Abort, Rollback…Retry? Upcoming updates to CloudFormation

Upcoming updates to CloudFormation to enable faster and more productive development.  Cloudformation templates are incredibly expressive, providing the ability to automate resource creation and configuration of many AWS services and create custom resources to accomplish an unlimited number of tasks. Cloudformation, by default, treats these stacks as single units while they are being created. If Read more…

View Blog Post

Scaling Security as Code on AWS: A DevSecOps Model

As Enterprises adopt modern application architectures, they now find they need the capability to deliver hundreds or even thousands of distinct applications while meeting stringent security and compliance requirements. Scaling the capability to deliver software securely requires a new framework for defining, creating, and delivering infrastructure and application code and brings a new set of Read more…

View Blog Post

Limiting the Blast Radius of Deployment Systems

If you are following best practices, you have adopted a multi-account strategy for your cloud applications, with different workloads spread across different accounts. Users log in to one account and assume roles in other accounts as needed. Even your build system lives in a tools account separate from all the applications it deploys. This is Read more…

View Blog Post

DevOps on AWS Radio: Mutato and Open Source at Stelligent (Episode 27)

In this episode, Michael Neil joins us to talk about Stelligent’s newest open source project and how you can use it to automate your container deployments. This tool was built to help people who are new to AWS to make their deployments easier. Scott Alexander and Shaug Evans host this episode and talk about the Read more…

View Blog Post

Three Ways: Event Driven Architecture

As the complexity and scale of our AWS use cases grow, so too does the complexity of  monitoring and managing our AWS accounts. Whether these concerns revolve around maintaining corporate compliance objectives, hardening accounts against attackers, or simply controlling cost, the enforcement mechanisms can involve some serious logic. With the advent of AWS Cloudwatch Events Read more…