AWS DevOps Blog
Category: AWS CodePipeline
Use the Snyk CLI to scan Python packages using AWS CodeCommit, AWS CodePipeline, and AWS CodeBuild
Learn how to scan Python packages for security vulnerabilities using AWS Developer tools and Snyk
Enforcing AWS CloudFormation scanning in CI/CD Pipelines at scale using Trend Micro Cloud One Conformity
Integrating AWS CloudFormation template scanning into CI/CD pipelines is a great way to catch security infringements before application deployment. However, implementing and enforcing this in a multi team, multi account environment can present some challenges, especially when the scanning tools used require external API access. This blog will discuss those challenges and offer a solution […]
Continuous Compliance Workflow for Infrastructure as Code: Part 2
In the first post of this series, we introduced a continuous compliance workflow in which an enterprise security and compliance team can release guardrails in a continuous integration, continuous deployment (CI/CD) fashion in your organization. In this post, we focus on the technical implementation of the continuous compliance workflow. We demonstrate how to use AWS […]
Building a CI/CD pipeline to update an AWS CloudFormation StackSets
AWS CloudFormation StackSets can extend the functionality of CloudFormation Stacks by enabling you to create, update, or delete one or more stack across multiple accounts. As a developer working in a large enterprise or for a group that supports multiple AWS accounts, you may often find yourself challenged with updating AWS CloudFormation StackSets. If you’re […]
Building an end-to-end Kubernetes-based DevSecOps software factory on AWS
DevSecOps software factory implementation can significantly vary depending on the application, infrastructure, architecture, and the services and tools used. In a previous post, I provided an end-to-end DevSecOps pipeline for a three-tier web application deployed with AWS Elastic Beanstalk. The pipeline used cloud-native services along with a few open-source security tools. This solution is similar, […]
Integrate GitHub monorepo with AWS CodePipeline to run project-specific CI/CD pipelines
Understand how to automate trigger of project specific code pipeline for GitHub mono repos users. Currently, if a customer is using GitHub as a version control system and he has only one repository which contains multiple folders each for a different project, change in any file, triggers the code pipeline for the whole repository rather than for the appropriate project. With this blog, they would be able to automate trigger of appropriate pipeline based on the project folder where the file gets changed.
How SOMA Global deploys their application with a dynamic multi-account pipeline
In April 2020, SOMA Global, a leading provider of Public Safety as a Service (PSAAS™), set out to update its computer aided design (CAD) platform to increase reliability to 99.999%, an industry first. SOMA Global adopted an account-based approach for tenant isolation to meet Criminal Justice Information Service (CJIS) regulations. The development and operations team […]
Serverless UI testing using Selenium, AWS Lambda, AWS Fargate, and AWS Developer Tools
Since the post Using AWS CodePipeline, AWS CodeBuild, and AWS Lambda for Serverless Automated UI Testing was published, things have evolved with Chrome headless and Firefox headless being supported natively. AWS Lambda now supports container images, AWS Step Functions has added support for Map state and its integration with Lambda, and AWS Fargate has enabled […]
Tracking the AWS CodePipeline build status from the third-party Git repository
AWS CodePipeline allows you to use a third-party Git repository as a source for a pipeline, however, the status of the build may not be available on the 3rd party git repository dashboard. As a developer, it is preferable to see the build / pipeline status in the same dashboard when working with repository. This […]
Using AWS DevOps Tools to model and provision AWS Glue workflows
This post provides a step-by-step guide on how to model and provision AWS Glue workflows utilizing a DevOps principle known as infrastructure as code (IaC) that emphasizes the use of templates, source control, and automation. The cloud resources in this solution are defined within AWS CloudFormation templates and provisioned with automation features provided by AWS […]