infrastructureascode

Secure cloud provisioning pipeline with GitHub automation

As members of the Platforms engineering team, we understand that security is a shared responsibility throughout the DevSecOps lifecycle for provisioning infrastructure. As a result, we set about championing best practices across the organization, with a focus on:

- Configuring short-lived credentials
- Automating cloud-provisioning pipelines
- Comparing infrastructure-as-code tooling
- Securing deployments from code-to-delivery

Figure: How to provision infrastructure-as-code.

Short-lived credentials

GitHub Actions forms the basis of our continuous integration/continuous deployment (CI/CD) pipeline as it integrates seamlessly with GitOps: the framework by which we ship peer-reviewed code early and often. It enables us to extend our workflow with Actions from verified creators,…

Exploring CDK and Policy as Code with CDK-Nag and Python

Infrastructure as Code (IaC) has become a standard in cloud development, allowing for quick environment setups and compliance through versioning. Tools like Terraform and the Cloud Development Kit (CDK) simplify the process compared to traditional CloudFormation. In a previous blog post, I discussed using a custom solution for pull request reporting with cfn-lint and cfn_nag. While cfn-lint is still valuable for creating your own compliance rules, keeping up with CDK and AWS recommendations can be challenging. Fortunately, cdk-nag can serve as a substitute for cfn-lint.

CDK-Nag: Making Infrastructure Decisions Visible

Most tools I've used have a common issue: they can…

Terraform Validate Command: Practical Examples and Best Practices

What is Terraform Validate

The validate command helps you make sure your Terraform (or OpenTofu) code is syntactically correct before you deploy. This helps you to prevent misconfiguration due to missing attributes or incorrect dependencies, saving time, improving efficiency, and reducing cost. Under the hood, terraform validate performs these actions:

- Validates that the syntax of the Terraform files is correct - For example, if you want to use the Terraform ternary function in your code and provide the incorrect syntax halfway, Terraform can capture it and help you fix it.
- Verifies the consistency of the Terraform configuration - For instance, whether…

Use AWS Generative AI CDK constructs to speed up app development

Assemble and deploy the infrastructure for a RAG solution using AWS CDK for Python

In this blog, we will use the AWS Generative AI Constructs Library to deploy a complete RAG application composed of the following components:

- Knowledge Bases for Amazon Bedrock: This is the foundation for the RAG solution.
- OpenSearch Serverless collection: It supports the vector search collection type that provides similarity search capability.
- An S3 bucket: This will act as the data source for the Knowledge Base.
- AWS Lambda function (written in Python) along with an API Gateway that uses the RetrieveAndGenerate API to query the knowledge base…

Understanding Terraform: A Guide to Effective IaC Practices

What is Terraform?

Terraform is an infrastructure as code (IaC) tool that allows you to build, change, and version cloud and on-premises resources safely and efficiently. With Terraform, you define your infrastructure using human-readable configuration files, which can be versioned, reused, and shared. It works with a wide range of platforms and services through their APIs, enabling you to manage both low-level components (such as compute instances, storage, and networking) in a consistent manner.

The 3 Stage Workflow:

The Coding Stage: Define resources across one or multiple cloud providers and services in your configuration files, depending on your requirements. Here…