AWS Partner Network (APN) Blog
Category: AWS CloudFormation
Using AWS CloudFormation Modules to Improve Enterprise Security
Dive deep on AWS Identity and Access Management (IAM) permissions and how the principle of least privilege can be best achieved when using AWS CloudFormation, and more specifically CloudFormation Modules, to provision resources on AWS. CloudFormation Modules are a way to package resource configurations for inclusion across stack templates, in a transparent, manageable, and repeatable way.
Using AWS CodeBuild and Bridgecrew to Prevent Misconfigurations in AWS CloudFormation and Terraform
Scanning for misconfigurations as part of your CI/CD pipeline helps maintain a solid security posture for all changed resources before provisioning them to a running environment. Learn how to integrate infrastructure as code security and compliance scanning using AWS CodeBuild and Bridgecrew, a cloud security platform for developers. Bridgecrew is generally used to find security misconfigurations and policy violations across Amazon Web Services (AWS) and in configuration frameworks.
Rapid Data Lake Development with Data Lake as Code Using AWS CloudFormation
Data lakes have evolved into the single storage platform for all managed enterprise data. On AWS, an integrated set of services is available to engineer and automate data lakes. A data lake on AWS can group all of the previously mentioned services of relational and non-relational data and allows you to query results faster and at a lower cost. Learn how nClouds used code automation via AWS CloudFormation to create a dynamic data lake stack to visualize and analyze financial market data.
10 Best Practices to Help Partners Build AWS Quick Starts for Customers
AWS Partners in the AWS Quick Start program can help their customers automate the deployment of their solutions, increasing customer engagements and improving the customer experience. The AWS Quick Start team has had considerable experience working with a variety of partner products, and has identified best practices to follow when developing a Quick Start and common missteps to avoid. By following these steps, you can efficiently and effectively develop Quick Starts using the AWS platform.
Provisioning a Virtual Private Cloud at Scale with AWS CDK
Infrastructure as code is one of the most important concepts used with cloud solutions, and AWS CloudFormation enables IaC by deploying stacks and provisioning resources on AWS using JSON or YAML files called templates. APN Ambassador Francois Rouxel from Slalom will show you how to create a hundred VPCs in one AWS region without providing any parameters, and how to easily establish a peering connection between two of them with a single line of code.
Using Shift-Left to Find Vulnerabilities Before Deployment with Trend Micro Template Scanner
Shift-Left is increasingly being employed within DevOps organizations to ensure companies minimize risk early in their infrastructure as code (IaC) deployment cycle. This post explains how to combine two of the technologies that make Shift-Left possible. The first is AWS CloudFormation, which represents IaC, and the second is Trend Micro’s Template Scanner, which checks your IaC to make sure it conforms to the AWS Well-Architected Framework.
Using Terraform to Manage AWS Programmable Infrastructures
Terraform and AWS CloudFormation allow you to express infrastructure resources as code and manage them programmatically. Each has its advantages, but some enterprises already have expertise in Terraform and prefer using it to manage their AWS resources. To accommodate that preference, CloudFormation allows you to use non-AWS resources to manage AWS infrastructure. Learn the steps to create a CloudFormation registry resource type for Terraform and deploy it as an AWS Service Catalog product.
Listing Serverless Applications with Your Amazon Machine Images on AWS Marketplace
By using serverless applications alongside existing Amazon Machine Images, ISVs can provide customers with solutions that are easier to use, more elastic, and more scalable. AWS Marketplace recently announced a feature that enables sellers to publish solutions comprised of AMIs and serverless applications that customers can deploy using AWS CloudFormation. This makes it easier for customers to deploy software solutions, rather than ISVs packaging AWS Lambda code into an AMI or referencing their own Amazon S3 bucket.
How to Centralize SSH Key Management with Userify and AWS CloudFormation
As teams begin to build their architecture on AWS, the question often arises about how to manage access control to all of their instances. Userify solves this problem quickly and easily by providing Userify Cloud or, for self-hosting, a single instance or multi-Availability Zone cluster that runs in your Amazon VPC. Userify Cloud is a fully managed service that can be used across your VPCs and AWS accounts with no installation needed.
Testing AWS GameDay with the AWS Well-Architected Framework – Continued Remediation
This is the third post in our series documenting a project to fix issues with the AWS GameDay architecture by using tenets of the AWS Well-Architected Framework. In Part 2, we remediated the critical findings found in our initial review and here we’ll cover remediating the deficiencies found in our Disaster Recovery plan, as well as other optimizations we’ve made due to recent announcements. We will also discuss how to address another crucial component in our application development—testing.