AWS DevSecOps CI-CD Patterns

Some common use cases and patterns within AWS for DevSecOps and CI/CD.

Security must be built into the DevOps process of building, testing, deploying and then supporting the application stack. Here, security refers to the security of the environments, repos, code, data and production stack that are operationally managed (it does not refer to all security within the general platform).

Tool Chain
Value Stream, Metrics
Jenkins, CFT
Git, Qualys, CodePipeline, CFT
Code Deploy, Containers, ECR
  1. SAM (Serverless Application Model) defines the serverless architecture.
  2. A Jenkins job is triggered by a commit to GitLab.
  3. The Jenkins job is configured to clone the code from SCM (source control manager).
  4. The job uses the build information for the application specified in SAM.
  5. The code is unit tested, so the application codebase can be tested and validated before it is deployed to AWS Lambda.
  6. Jenkins deploys the Lambda application to AWS via the Jenkins AWS SAM plugin.
  7. When the Lambda function is updated, the pipeline is triggered automatically, the entire workflow is executed, and the function is automatically deployed again to the AWS platform.
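A security check that could run alongside the unit tests in step 5, before Jenkins deploys in step 6, shown as an added example that is not part of the original page. It assumes the SAM template is kept in JSON form; the resource names, the two checks and the SECRET_HINTS naming convention are illustrative assumptions.

```python
import json
import sys

# Constructed sample SAM template, trimmed to the properties the checks read.
SAMPLE_TEMPLATE = json.dumps({"Resources": {
    "OrdersFn": {"Type": "AWS::Serverless::Function", "Properties": {
        "Policies": [{"Statement": [
            {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}],
        "Environment": {"Variables": {"DB_PASSWORD": "hunter2", "STAGE": "dev"}}}},
    "HealthFn": {"Type": "AWS::Serverless::Function", "Properties": {
        "Policies": ["AWSLambdaBasicExecutionRole"]}},
}})

# Assumed naming convention for variables that hold credentials.
SECRET_HINTS = ("PASSWORD", "SECRET", "TOKEN", "API_KEY")

def _as_list(value):
    """IAM and SAM fields may hold a single item or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def check_template(text):
    """Return sorted (function name, finding) pairs for every SAM function."""
    findings = []
    for name, res in json.loads(text).get("Resources", {}).items():
        if res.get("Type") != "AWS::Serverless::Function":
            continue
        props = res.get("Properties", {})
        for policy in _as_list(props.get("Policies")):
            if not isinstance(policy, dict):
                continue  # managed policy referenced by name, nothing inline to read
            # SAM policy templates carry no "Statement" key, so they are skipped too.
            for stmt in _as_list(policy.get("Statement")):
                if stmt.get("Effect") != "Allow":
                    continue
                actions = _as_list(stmt.get("Action"))
                if any(isinstance(a, str) and a.endswith("*") for a in actions):
                    findings.append((name, "wildcard IAM action"))
                if "*" in _as_list(stmt.get("Resource")):
                    findings.append((name, "wildcard IAM resource"))
        for key, val in props.get("Environment", {}).get("Variables", {}).items():
            named_secret = any(h in key.upper() for h in SECRET_HINTS)
            # Dynamic references and intrinsic functions are not literals in the repo.
            if named_secret and isinstance(val, str) and not val.startswith("{{resolve:"):
                findings.append((name, f"literal secret in env var {key}"))
    return sorted(findings)

if __name__ == "__main__":
    demo = len(sys.argv) < 2  # no path given: run against the constructed sample
    results = check_template(SAMPLE_TEMPLATE if demo else open(sys.argv[1]).read())
    print("\n".join(f"{n}: {f}" for n, f in results))
    sys.exit(0 if demo or not results else 1)
```

Run with a template path as the only argument, the script exits non-zero when it has findings, which fails the Jenkins build step before the deploy stage is reached.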
Tips and Tricks
Magic DevSecOps Figure 8 Target Model. No one really knows what this means, but it looks good.