AWS DevOps Blog

Category: DevOps

CI/CD Platform with Gitlab and AWS

Choosing a Well-Architected CI/CD approach: Open Source on AWS

Introduction When building a CI/CD platform, it is important to make an informed decision regarding every underlying tool. This post explores evaluating the criteria for selecting each tool focusing on a balance between meeting functional and non-functional requirements, and maximizing value. Your first decision: source code management. Source code is potentially your most valuable asset, […]

Read More
Multi-account CodeGuru profiling

Building a centralized Amazon CodeGuru Profiler dashboard for multi-account scenarios

This post shows you how to configure CodeGuru Profiler to collect multiple applications’ profiling data into a central account and review the applications’ performance data on one dashboard.

Read More

Chaos engineering on Amazon EKS using AWS Fault Injection Simulator

In this post, we discuss how you can use AWS Fault Injection Simulator (AWS FIS), a fully managed fault injection service used for practicing chaos engineering. AWS FIS supports a range of AWS services, including Amazon Elastic Kubernetes Service (Amazon EKS), a managed service that helps you run Kubernetes on AWS without needing to install […]

Read More

Extending an AWS CodeBuild environment for CPP applications

AWS CodeBuild is a fully managed build service that offers curated Docker images. These managed images provide build environments for programming languages and runtimes such as Android, Go, Java, Node.js, PHP, Python, Ruby, Docker, and .Net Core. However, there are a lot of existing CPP-based applications, and developers may have difficulties integrating these applications with […]

Read More
Feature image for AWS CloudFormation and Cloud Conformity template scanning blog

Enforcing AWS CloudFormation scanning in CI/CD Pipelines at scale using Trend Micro Cloud One Conformity

Integrating AWS CloudFormation template scanning into CI/CD pipelines is a great way to catch security infringements before application deployment. However, implementing and enforcing this in a multi team, multi account environment can present some challenges, especially when the scanning tools used require external API access. This blog will discuss those challenges and offer a solution […]

Read More
Amazon CodeGuru icon

Introducing new self-paced courses to improve Java and Python code quality with Amazon CodeGuru

This post announces the availability of new self-paced where you learn how to use CodeGuru Reviewer to automatically scan your code base, identify hard-to-find bugs and vulnerabilities, and get recommendations for fixing the bugs and security issues.

Read More
solution architecture diagram

Continuous Compliance Workflow for Infrastructure as Code: Part 2

In the first post of this series, we introduced a continuous compliance workflow in which an enterprise security and compliance team can release guardrails in a continuous integration, continuous deployment (CI/CD) fashion in your organization. In this post, we focus on the technical implementation of the continuous compliance workflow. We demonstrate how to use AWS […]

Read More

Use AWS CodeCommit to mirror an Azure DevOps repository using an Azure DevOps pipeline

AWS customers with Git repositories in Azure DevOps can automatically backup their repositories in the AWS Cloud using an AWS CodeCommit repository as a replica. By configuring an Azure DevOps pipeline, the source and replica repositories can be automatically kept in sync. When updates are pushed to the source repository, the pipeline will be triggered […]

Read More
Containers devsecops pipeline architecture

Building an end-to-end Kubernetes-based DevSecOps software factory on AWS

DevSecOps software factory implementation can significantly vary depending on the application, infrastructure, architecture, and the services and tools used. In a previous post, I provided an end-to-end DevSecOps pipeline for a three-tier web application deployed with AWS Elastic Beanstalk. The pipeline used cloud-native services along with a few open-source security tools. This solution is similar, […]

Read More