In my last article (Link) we reviewed Infrastructure-as-code (IaC), why it’s important, why many companies are using it, and possible ways to add security to the IaC pipeline.
We know cloud developers often find themselves in high-pressure scenarios, forced to meet deadlines, and deliver fast — and that may push them to not pay full attention to coding and configuration. Now, without proper configurations, organizations are prone to security breaches. The bottom line is, it’s important to ensure architectural best practices are followed across the development process, even on the tightest of timelines.
Now let’s work on a real example of how to build engineering best practices into the IaC pipelines automatically for an AWS environment through hundreds of checks that align to the AWS Well-Architected Framework (security, cost optimization, performance, operational excellence, and reliability) and other compliance standards. …
This article originally appeared on VMblog — Link
Technology start-ups today are primarily born in the cloud with a culture of iteration and speed. The DevOps culture allows companies — whether a start-up or not — to push new features, applications, versions, etc. every few hours or even minutes.
Cloud-based applications that are not bound to a single runtime environment have clear advantages for organizations looking to develop and innovate at speed. Container adoption offers portability, efficiency, and high utilization that make it an obvious choice for many developers.
“Every company across the globe is becoming a software company and in order to stay successful, competitive, and secure, companies need to re-think their current cybersecurity strategy for cloud workloads, containers, and serverless environments.” …
Cloud has been the new normal for years now and it has brought three major concepts in regard to building and designing cloud infrastructure which, in turn, can help you understand your cloud maturity and readiness level. Let’s look at these three concepts.
Cloud Migration is a transition, not an instant cut-over. For an organization, a hybrid cloud is the norm with physical, virtual, and cloud workloads. Usually, companies begin by migrating their monolithic applications or physical and virtual servers to cloud providers. …
Infrastructure-as-a-Code or IaC is the new normal on creating and building any new cloud environment through machine-readable files or code templates. It is important, however, to consider security concerns in regards to the infrastructure that you may be creating to ensure it is following the best practices and compliance from your organization.
Physical hardware can require you to add in the rack and make the proper configuration before starting to use it, which sometimes could take weeks or months to be able to create a new server. Now with IaC, you can create a complete infrastructure for your application in the cloud in less than an hour. The examples below illustrate the old processes of creating servers vs. …
The purpose of this article is to share workshops, books, videos, and articles to help you improve your knowledge about the DevOps world.
Sometimes it is difficult to find good content online, so I have selected the best content that I have found on the internet about DevOps, Cloud, Containers, Kubernetes, Cloud Security, and Cloud Architect, and I am sharing it with you. I hope it can be as helpful to you as it has been for me. Enjoy it 😉 !
I will be trying to add new workshops, articles, books, or architecture examples every week, so stay tuned to learn more! …
According to Gartner, “the rapid adoption of cloud services, along with an increasing number of cloud infrastructure and platform services, has created an explosion in the complexity and unmanaged risk.” There is a trend for companies across the globe to migrate their application and infrastructure to Cloud Service Providers (CSP). Every day these companies are adopting a cloud and multi-cloud strategy to get the advantages and features offered by CSP today.
Many companies are starting to test and use serverless solutions or what is called FaaS (Functions-as-a-Services). They can build new applications and innovate in some of the old apps to get the best of performance and agility for their customers and allow them to have the most cost-efficient cloud environments too. Some good examples of companies using FaaS models today are The Coca-Cola Company, Finra, iRobot, Autodesk, and other big corporations across the globe.
Why are many companies migrating applications to serverless? Below are some of the most significant advantages of serverless functions:
Without a doubt, this may be one of the most common questions from security teams nowadays. The reason behind it is, security teams are only being involved by DevOps teams when business clients reach out about compliance, security, and internal as well as external regulations. By the time this stage of the project is reached, the CI/CD pipeline is already built-in, and it may be too complex for security teams to understand all the stages in the pipeline process.
One of the most important IT cultural changes in history is growing significantly within all companies across multiple segments. It’s called DevOps, and it’s the breaking down of barriers between developer and operation teams for better communication, integration, and workflow, resulting ultimately in improved overall business performance by your company.
If you have not already begun the transition, you should do so now. It may seem like a simple task; however, there are many processes, tools, people, and cultural changes that must be implemented in order to establish great DevOps within a company. …