👋 A space where I teach and share ideas.

What is a CI/CD pipeline?

If you don’t know the answer to this question don’t feel bad, engineers and IT professional at all levels sometimes don’t know the answer to this question. In my daily job I often get asked, “What is a pipeline?” The follow up question is 9/10 times, “How do I create a pipeline?” Today I would like to shed some light on the pipeline topic, mainly focusing on the first question but also why it is important to application development. This article was originally published on Medium. Link to the Medium article can be found here. The Past In simple terms a pipeline is a workflow, a workflow that application development teams use to release software. Note: Not limited to application development teams 1 Start → do something → do something → … → Release Software In order to understand “what is a pipeline?” we have to go back in time and understand how application development was done.

Ditch your SSH keys and enable AWS SSM!

If you manage AWS for an organization, big or small, chances are you have several Secure Shell (SSH) keys laying around you hardly use, OR WORSE, you don’t recall the account the key was made for. SSH key management is a rabbit hole in itself and most people understand the security concerns that arise with improper SSH key hygiene. Luckily for us, there is a way to bid farewell to the cumbersome practice of using SSH to remote into an EC2 instance. Allow me to introduce you the AWS service, Systems Manager (SSM). This article was originally published on Medium. Link to the Medium article can be found here. I will teach you the following in this guide: Identify SSM Remote Session Manager requirements-including for an enterprise Enable Remote Session Manager for all EC2 instances Enable Remote Session Manager logging Lock down Remote Session Manager through IAM User permissions 🔐 Debugging Remote Session Manager Enable SSM Remote Session Manager The AWS managed service, SSM, comes with a neat feature called Session Manager.

Automate Custom EC2 AMIs

If you work for an organization/company that leverages the services of a public cloud provider such as AWS, chances are there is a customized image available in your environment. Most companies today offer some sort of customized default image or images that contain baked in security tools, proxy variables, repository URL overrides, SSL certificates and so on. This customized image is usually sourced from common images provided by the public cloud provider. Today, we’re going to look at how we can completely automate a customized image sourced from the AWS Linux2 AMI and deploy it to all accounts inside an organization, while maintaining a minimal infrastructure footprint. Code can be found in the following GitHub repository. This article was originally published on Medium. Link to the Medium article can be found here. Assumptions Accounts are under an AWS Organizations. All accounts require the customized AMI. VPC ACLs and Security Groups allow Port 22 into to the VPC (Packer) CI/CD has proper credentials to query AWS Services (Organizations, VPC, EC2).

Invoking the AWS CLI with Terraform

Why? As awesome and powerful Terraform is, there are times when you find yourself unable to execute certain actions for your automation. This could be due to many reasons including: no Terraform resource for the AWS service, the API action is only available through the CLI/SDK, or you find yourself in a situation where it might be easier to execute an action through the CLI. The situations go on and on however, the point is we all work in varying environments with different resources and constraints. This article was originally published on Medium. Link to the Medium article can be found here. How? At the time of this writing the AWS Route53 resolver endpoint is lacking a Terraform resource(s). However, this does not mean we can’t create the desired resources without Terraform. Let’s take a peek at how we can create a route53 resolver endpoint through Terraform. Requirements: Ensure the AWS CLI can create the desired resource Have the AWS CLI and required version available in your environment Proper AWS credentials available and configured The AWS CLI is able to create route53 resolver endpoints, both inbound and outbound.