View Blog Post

Abort, Rollback…Retry? Upcoming updates to CloudFormation

Upcoming updates to CloudFormation to enable faster and more productive development.  Cloudformation templates are incredibly expressive, providing the ability to automate resource creation and configuration of many AWS services and create custom resources to accomplish an unlimited number of tasks. Cloudformation, by default, treats these stacks as single units while they are being created. If Read more…

View Blog Post

Scaling Security as Code on AWS: A DevSecOps Model

As Enterprises adopt modern application architectures, they now find they need the capability to deliver hundreds or even thousands of distinct applications while meeting stringent security and compliance requirements. Scaling the capability to deliver software securely requires a new framework for defining, creating, and delivering infrastructure and application code and brings a new set of Read more…

View Blog Post

Enterprise Scale CI/CD with Pipeline Factory on AWS

Find this blog interesting? Make sure you register and join us on May 12-13 at the AWS Summit Americas for a demo. With the adoption of modern application architectures, many enterprises find they need the capability to deliver hundreds or even thousands of distinct applications and their CI/CD pipelines. Scaling the capability to deliver CI/CD Read more…

View Blog Post

Security Response and Remediation Automation on AWS

Consider the following questions when it comes to the typical approach to security error detection and remediation in many enterprises today: How does security error detection occur?   When and how often does it occur?  Who is usually involved in fixing these security issues?  What is the approach to fixing these issues?  How long does it Read more…

View Blog Post

AWS re:Invent 2020 DevSecOps re:Cap

Since AWS re:Invent 2020 was 100% virtual, I got opportunities to consume more content than I typically do at the conference but this came at the cost of missing out on opportunities to meet with new people and those I typically see every year at this time. The nice thing is that more people from Read more…

View Blog Post

Using Dependabot with AWS CodeCommit

Introduction In the DevSecOps world, maintaining code dependencies is key to acquiring the latest security vulnerability updates, bug fixes, and new features.  While locking down to “known-good” revisions of dependencies may avoid potential bugs and incompatibilities during continuous integration, critical updates could be missed.  Dependabot provides an automated solution to dependency management that can be Read more…

View Blog Post

Removing Errors on CloudFormation Stack Creation

OVERVIEW Administering AWS infrastructure through CloudFormation is one way to use Infrastructure as Code to simplify and replicate an environment. Here at Stelligent, we encourage using automation to apply CloudFormation templates. An early hurdle with CloudFormation one might encounter is a mistake that would break the initial creation of the stack. When CloudFormation fails during Read more…

View Blog Post

Deleting a Stuck CloudFormation Stack

One of the things I have come across many times over the years is attempting to delete an AWS CloudFormation Stack and getting an error like this: Role arn:aws:iam::123456789012:role/CloudFormationTrustRole-2CDE9F7RUUTH is invalid or cannot be assumed In this case, an IAM Role used by the stack either got deleted manually or by another stack when it Read more…

View Blog Post

DevOps on AWS Radio: Kinnaird McQuade – Policy Sentry and Cloudsplaining, Stelligent Book Club (Episode 28)

In this episode, Kinnaird McQuade, Lead Cloud Security Engineer at Salesforce, joins us to talk about his tools Cloudsplaining and Policy Sentry. Policy Sentry provides a framework for writing IAM policies to make it easier to create least privilege policies. Cloudsplaining can help find policies that may allow more access than required. Keith Monihen joins Read more…

View Blog Post

Pushbutton AWS Diagrams

It is often very useful to share diagrams when describing a software architecture to others. It applies the old adage that a “picture is worth a thousand words”. What’s more, it also helps you – as a builder – understand what you built and to learn areas to improve as you develop your software. While Read more…