AWS DevOps Blog
Tag: DevSecOps
Integrating with GitHub Actions – Amazon CodeGuru in your DevSecOps Pipeline
Many organizations have adopted DevOps practices to streamline and automate software delivery and IT operations. A DevOps model can be adopted without sacrificing security by using automated compliance policies, fine-grained controls, and configuration management techniques. However, one of the key challenges customers face is analyzing code and detecting any vulnerabilities in the code pipeline due […]
Use the Snyk CLI to scan Python packages using AWS CodeCommit, AWS CodePipeline, and AWS CodeBuild
Learn how to scan Python packages for security vulnerabilities using AWS Developer tools and Snyk
Building an end-to-end Kubernetes-based DevSecOps software factory on AWS
DevSecOps software factory implementation can significantly vary depending on the application, infrastructure, architecture, and the services and tools used. In a previous post, I provided an end-to-end DevSecOps pipeline for a three-tier web application deployed with AWS Elastic Beanstalk. The pipeline used cloud-native services along with a few open-source security tools. This solution is similar, […]
Building end-to-end AWS DevSecOps CI/CD pipeline with open source SCA, SAST and DAST tools
DevOps is a combination of cultural philosophies, practices, and tools that combine software development with information technology operations. These combined practices enable companies to deliver new application features and improved services to customers at a higher velocity. DevSecOps takes this a step further, integrating security into DevOps. With DevSecOps, you can deliver secure and compliant […]
Automating Blue/Green Deployments of Infrastructure and Application Code using AMIs, AWS Developer Tools, & Amazon EC2 Systems Manager
Previous DevOps blog posts have covered the following use cases for infrastructure and application deployment automation: Deploy to Production Using AWS CodeBuild and the AWS Developer Tools Suite: Deploying a simple Java application in an in-place deployment model using AWS CodeCommit, AWS CodeBuild, and AWS CodeDeploy orchestrated by AWS CodePipeline. Performing Blue/Green Deployments with AWS […]
Implementing DevSecOps Using AWS CodePipeline
DevOps is a combination of cultural philosophies, practices, and tools that emphasizes collaboration and communication between software developers and IT infrastructure teams while automating an organization’s ability to deliver applications and services rapidly, frequently, and more reliably. CI/CD stands for continuous integration and continuous deployment. These concepts represent everything related to automation of application development […]