Category: Infrastructure & Automation

Best practices for addressing security and access control and configuration when bootstrapping EC2 instances in the Amazon Web Services Cloud.

In this quick recap, I feature five blog posts that show how you can use custom resources to extend AWS CloudFormation templates, from start to stack cleanup, when you’re building automated deployments.

Learn how to automate the installation of cfn-init helper scripts across operating systems by invoking quickstart-linux-utilities at stack launch.

Track what is happening with your Amazon EC2 instance at creation time by leveraging CloudWatch to externalize log data. Use AWS Secrets Manager for credential security with PowerShell scripts, and create a reusable AWS CloudFormation template.

While Quick Start reference architectures eliminate code that customers would have to write themselves, technology partners actively contribute to improve the standards and feature sets. As an example, read about how Alfresco achieved key enhancements to the Amazon EKS Architecture Quick Start.

In this second post of a two-part series, learn how to enhance the security of your bastion hosts by using Amazon EC2 Instance Connect. With EC2 Instance Connect, you no longer have to associate a key pair to the instance, and you don’t need to permanently add user keys to authorized keys.

Learn how to extend AWS CloudFormation by using AWS CodeBuild as a long-lived compute environment. This example is based on the AWX Quick Start.

Learn how to create robust AWS CloudFormation custom resources by using the custom resource helper (crhelper) and AWS Lambda.

Looking for a way to improve your security posture by eliminating open ports on your private Amazon EC2 instances? Learn how you can use the AWS Systems Manager Session Manager to securely connect to your instances without requiring open ports or a key pair.

Tired of writing out each Amazon CloudWatch alarm within your AWS CloudFormation template? Learn how to append alarms automatically by using a CloudFormation macro.