AWS DevOps & Developer Productivity Blog

Category: Security, Identity, & Compliance

Enabling DevSecOps with Amazon CodeCatalyst

DevSecOps is the practice of integrating security testing at every stage of the software development process. Amazon CodeCatalyst includes tools that encourage collaboration between developers, security specialists, and operations teams to build software that is both efficient and secure. DevSecOps brings cultural transformation that makes security a shared responsibility for everyone who is building the […]

Integrating with GitHub Actions – Amazon CodeGuru in your DevSecOps Pipeline

Many organizations have adopted DevOps practices to streamline and automate software delivery and IT operations. A DevOps model can be adopted without sacrificing security by using automated compliance policies, fine-grained controls, and configuration management techniques. However, one of the key challenges customers face is analyzing code and detecting any vulnerabilities in the code pipeline due […]

Secure CDK deployments with IAM permission boundaries

The AWS Cloud Development Kit (CDK) accelerates cloud development by allowing developers to use common programming languages when modelling their applications. To take advantage of this speed, developers need to operate in an environment where permissions and security controls don’t slow things down, and in a tightly controlled environment this is not always the case. […]

The most visited AWS DevOps blogs in 2022

As we kick off 2023, I wanted to take a moment to highlight the top posts from 2022. Without further ado, here are the top 10 AWS DevOps Blog posts of 2022. #1: Integrating with GitHub Actions – CI/CD pipeline to deploy a Web App to Amazon EC2 Coming in at #1, Mahesh Biradar, Solutions […]

Detecting security issues in logging with Amazon CodeGuru Reviewer

Amazon CodeGuru is a developer tool that provides intelligent recommendations for identifying security risks in code and improving code quality. To help you find potential issues related to logging of inputs that haven’t been sanitized, Amazon CodeGuru Reviewer now includes additional checks for both Python and Java. In this post, we discuss these updates and […]

Get started with AWS DevOps Guru Multi-Account Insight Aggregation with AWS Organizations

Amazon DevOps Guru is a fully managed service that uses machine learning (ML) to continuously analyze and consolidate operational data streams from multiple sources, such as Amazon CloudWatch metrics, AWS Config, AWS CloudFormation, AWS X-Ray, and provide you with a single console dashboard. This dashboard helps customers improve operational performance and avoid expensive downtime by […]

Automated security and compliance remediation at HDI

with Dr. Malte Polley (HDI Systeme AG – Cloud Solutions Architect) At HDI, one of the biggest European insurance group companies, we use AWS to build new services and capabilities and delight our customers. Working in the financial services industry, the company has to comply with numerous regulatory requirements in the areas of data protection […]

Containers devsecops pipeline architecture

Building an end-to-end Kubernetes-based DevSecOps software factory on AWS

DevSecOps software factory implementation can significantly vary depending on the application, infrastructure, architecture, and the services and tools used. In a previous post, I provided an end-to-end DevSecOps pipeline for a three-tier web application deployed with AWS Elastic Beanstalk. The pipeline used cloud-native services along with a few open-source security tools. This solution is similar, […]

Solution architecture

Integrating with Aarogya Setu Open API on AWS to ensure a safe workspace

The Indian government announced the Open API Service from Aarogya Setu (ASetu) in August, 2020. It enables organizations and business entities to fetch the COVID-19 risk status of their employees or any other ASetu app users. Most office spaces have a visitor management system that controls access or logs the identities of people entering the […]

Building end-to-end AWS DevSecOps CI/CD pipeline with open source SCA, SAST and DAST tools

DevOps is a combination of cultural philosophies, practices, and tools that combine software development with information technology operations. These combined practices enable companies to deliver new application features and improved services to customers at a higher velocity. DevSecOps takes this a step further, integrating security into DevOps. With DevSecOps, you can deliver secure and compliant […]