Using Dependabot with AWS CodeCommit

Introduction: In the DevSecOps world, maintaining code dependencies is key to acquiring the latest security vulnerability updates, bug fixes, and new features. While locking down to “known-good” revisions of dependencies may avoid potential bugs and incompatibilities during continuous integration, critical updates could be missed. Dependabot provides an automated solution to dependency management that can be Read more…

Monitor GCP Costs in Slack

Stelligent has a variety of projects running on Google Cloud Platform, and we want to be diligent about controlling our costs. As a long-time remote-first enterprise, our communication centers around Slack, and we want all of our alerts to be delivered there. We’ve developed a simple way to connect Google Cloud Billing to Slack by Read more…

Removing Errors on CloudFormation Stack Creation

Overview: Administering AWS infrastructure through CloudFormation is one way to use Infrastructure as Code to simplify and replicate an environment. Here at Stelligent, we encourage using automation to apply CloudFormation templates. An early hurdle one might encounter with CloudFormation is a mistake that would break the initial creation of the stack. When CloudFormation fails during Read more…

Deleting a Stuck CloudFormation Stack

One of the things I have come across many times over the years is attempting to delete an AWS CloudFormation Stack and getting an error like this: "Role arn:aws:iam::123456789012:role/CloudFormationTrustRole-2CDE9F7RUUTH is invalid or cannot be assumed". In this case, an IAM Role used by the stack either got deleted manually or by another stack when it Read more…

Is Your Pipeline Ready to Speak ARM

The first half of this year featured lots of news about Arm processors (previously ARM) that culminated in three major announcements. The first was the general availability announcement from AWS of M6g Instances, powered by AWS Graviton2 processors, in May. In June, Apple announced that they were migrating desktops and laptops to new Arm-based Read more…

Running Serverless Canary Deployments with AWS SAM

Many of us know that introducing large batches of changes into production is risky. However, because of complexity and many moving parts, it can also be risky when deploying changes in small batches – without the right techniques. One of the better ways of mitigating deployment risk is by gradually deploying small and frequent changes Read more…

DevOps on AWS Radio: Kinnaird McQuade – Policy Sentry and Cloudsplaining, Stelligent Book Club (Episode 28)

In this episode, Kinnaird McQuade, Lead Cloud Security Engineer at Salesforce, joins us to talk about his tools Cloudsplaining and Policy Sentry. Policy Sentry provides a framework for writing IAM policies to make it easier to create least privilege policies. Cloudsplaining can help find policies that may allow more access than required. Keith Monihen joins Read more…

Continuous Deployment for Serverless Applications on AWS

When using serverless on AWS, you do not need to worry about load balancing, auto scaling, operating system management, managing utilization, or underlying hardware failures. All of it is abstracted from you so that you can focus on coding. What’s more, since you only pay for what you use, you can do more experimentation. It Read more…

Limiting the Blast Radius of Deployment Systems

If you are following best practices, you have adopted a multi-account strategy for your cloud applications, with different workloads spread across different accounts. Users log in to one account and assume roles in other accounts as needed. Even your build system lives in a tools account separate from all the applications it deploys. This is Read more…

Pushbutton AWS Diagrams

It is often very useful to share diagrams when describing a software architecture to others. It applies the old adage that a “picture is worth a thousand words”. What’s more, it also helps you – as a builder – understand what you built and to learn areas to improve as you develop your software. While Read more…