Turn your AWS DevSecOps Pipeline into a bunker

This post was co-authored by Teddy Ferdinand, who works as a Cloud Security Architect 🐻 Introduction: In this series, we will talk about the emergence of the DevSecOps movement and, more specifically, the benefits of introducing a DevSecOps approach to your existing CI/CD Pipelines. CI/CD Pipeline: To give you some context, you will find in the diagram below a standard DevOps CI/CD Pipeline. DevSecWhat? DevSecOps could be defined as a shift from a central internal security team to the inclusion of security practices in the existing DevOps teams: DevSecOps 🎉 ...

June 18, 2020 · 8 min · 1513 words · zoph

Update on being Independent [6 months later]

This post is the second part of a series about my journey as an Independent AWS Cloud Architect. Status: As I already told you in the first part, I started my own business in early January 2020. After the first 6 months of being an Independent AWS Architect in France, I’m very happy with this move, no regret, and I don’t see any upcoming U-turn to come back as a full-time employee. ...

June 1, 2020 · 4 min · 664 words · zoph

GitHub Actions with AWS: Hands-On

Hi Folks, Lately, I was experimenting with GitHub Actions (GHA), as it has been a buzzword since General Availability (GA), but I didn’t take the time to try it before. I’ve done it for you folks. 🙌 Context: GHA was released as GA in November 2019. The main features are: automate development workflows (CI/CD): build, test, deploy; hosted runners / self-hosted runners; automate the management of your GH Community: PR, Code Reviews, or Issue Tracking; built-in secrets store ...

March 29, 2020 · 6 min · 1258 words · zoph

[MAMIP] Monitor AWS Managed IAM Policies

This article was originally posted in September 2019. Updated in February 2020. Disclaimer: Thanks to @0xdabbad00 from SummitRoute for the original idea and jq parsing. Purpose: When your production workloads rely on AWS IAM Managed Policies (don’t do this), you will need to be notified when changes occur behind the scenes. It’s also interesting to monitor new AWS service releases ahead of the announcements to get spoiled. This pet project automates the retrieval (every 4 hours) of new AWS Managed IAM Policies to make it easier to monitor and get alerted when changes occur (by AWS), using the “Watch” feature on GitHub, RSS or a dedicated Twitter Account. ...

February 22, 2020 · 2 min · 310 words · zoph

Easily reduce by 70% your AWS Fargate bills

Quick post today about cost saving on AWS. As you know, two of my preferred subjects on Public Cloud are Security and FinOps! Recently, AWS introduced a way to reduce AWS bills by up to 70% using Spot instances with the AWS Fargate service. It’s really easy to use. If your workload is interruption-proof, batch jobs, or CI/CD containers, don’t hesitate to use it to drastically reduce your workload costs. Using Terraform, you just have to specify capacity_providers and/or default_capacity_provider_strategy on your aws_ecs_cluster resource. ...

February 16, 2020 · 1 min · 127 words · zoph