AWS DevSecOps CI-CD Patterns

Some common use cases and patterns within AWS, for DevSecOps, CI-CD

Security must be built within the Dev-Ops process, of building, testing, deploying and then supporting that application stack. Security refers to the security of the environments, repos, code, data, and production stack to be operationally managed (it does not refer to all Security within the general platform).

Tool Chain
Value Stream, Metrics
Jenkins, CFT
Git, Qualys, CodePipeline, CFT
Code Deploy, Containers, ECR
  1. SAM (serverless application model) defines the Serverless Architecture
  2. Jenkins Job triggered by a commit to GitLab
  3. Jenkins job is configured by cloning the code from SCM (source control manager). 
  4. Job uses a specified build information of the applications from SAM 
  5. Unit test of the code, the Application codebase can be tested and validated before it gets deployed into AWS Lambda. 
  6. Jenkins deploys the Lambda application in AWS via Jenkins AWS SAM plugin
  7. With updates on the Lambda function, this pipeline will automatically get triggered and the entire workflow will be executed and finally it will automatically be deployed again to the AWS platform
Tips and Tricks
Magic DevSecOps Figure 8 Target Model, No one really knows what this means but it looks good

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.