Turn your AWS DevSecOps Pipeline into bunker

This post was co-authored by Teddy Ferdinand, who works as a Cloud Security Architect 🐻. Introduction: In this series, we will talk about the emergence of the DevSecOps movement and, more specifically, the benefits of introducing a DevSecOps approach into your existing CI/CD pipelines. CI/CD Pipeline: To give you some context, you will find in the diagram below a standard DevOps CI/CD pipeline. DevSecWhat? DevSecOps could be defined as a shift from a central internal security team to the inclusion of security practices into the existing DevOps teams: DevSecOps 🎉 ...

June 18, 2020 · 8 min · 1531 words · zoph

Tracking Amazonians on Twitter

TL;DR: I search for “@awscloud” in Twitter bios and add the matching profiles to a public Twitter list. One way to get fresh news from the AWS ecosystem is to follow relevant current or former Amazon (Web Services) employees, called Amazonians, on Twitter, but it can be difficult to track down their profiles among the myriad of user profiles talking about #AWS subjects… Lately, I was working on a quick Python proof of concept (another excuse to ramp up my Python 🐍 skills) to query the Twitter API to find profiles with a specific Twitter description/bio, and I asked myself if I could use this to find more and more AWS employees 🙄 ...

April 19, 2020 · 3 min · 613 words · zoph

AWS Transfer for SFTP

Info: This is our first post in a series of articles co-authored with @kharec. Serverless SFTP with AWS Transfer for SFTP: Sometimes in the web world, we need to quickly deploy a space to share data with programs or with other humans. One of the numerous solutions out there is an SFTP space. But you know: create the server, configure the service, partition the users, the permissions, the folders, etc… It’s getting heavy faster than a speeding bullet! ...

June 10, 2019 · 5 min · 1013 words · zoph

Enable Default Encryption for EBS (Worldwide)

Following the new opt-in option for default encryption of EBS volumes announced a few days ago, I’ve made a small Python script to enable this feature in all AWS regions within an AWS account. Quick and Dirty Simple. This is an example, use it at your own risk, and test it before applying to production, as usual :)

```python
import boto3

AWS_REGION = 'eu-west-1'
session = boto3.Session(region_name=AWS_REGION)
ec2 = session.client('ec2')


def main(event, context):
    # List the regions visible to this account
    ec2_regions = [region['RegionName'] for region in ec2.describe_regions()['Regions']]

    # For all AWS Regions
    for region in ec2_regions:
        # The setting is per region, so use a client bound to each one
        conn = boto3.client('ec2', region_name=region)
        print("Checking AWS Region: " + region)
        status = conn.get_ebs_encryption_by_default()
        print("====" * 10)
        result = status["EbsEncryptionByDefault"]
        if result:
            print("Activated, nothing to do")
        else:
            print("Not activated, activation in progress")
            conn.enable_ebs_encryption_by_default()


if __name__ == '__main__':
    main(0, 0)
```

That’s all folks! ...

June 10, 2019 · 1 min · 156 words · zoph

My Pet Projects

In this article, I will describe my current pet projects. These are mainly excuses for me to learn something new, or exercises to go deeper into particular technologies, but they could be (I hope) useful for you too. Don’t hesitate to submit enhancements or bug fixes (PR), or just give them a try and give me your thoughts. Instance Watcher 👷 Tech: Lambda, Python, Serverless Application Model (SAM), SES. This app will scan your AWS account across all EC2 regions worldwide and notify you by email when you have running EC2 instances. It’s useful for non-production environments that you need to monitor. Use case: labs/training, sandbox accounts. ...

May 30, 2019 · 3 min · 513 words · zoph