If you are reading this then chances are you are one of the many builders who have eagerly anticipated AWS releasing code signing functionality. For those that are a bit unsure of what exactly code signing is, just think of it as a mechanism that verifies that executable code was authored by a trusted source. This is similar to how people in earlier times would close their letters with a wax seal bearing their unique mark. That way the reader would know that the letter came from said person and that it was unaltered.
AWS Signing is the name of the service and at the time of this writing it supports code signing for AWS Lambda and AWS IoT. This article will focus on code signing for AWS Lambda and how to integrate it into your Terraform. All example code can be found in this GitHub project. So on that note let’s just dive into it. …
Chances are most of us have unique situations for wanting to interact with DynamoDB locally, maybe it’s to develop and test different data models, perhaps it’s to develop programmatic functions to interact with the database, perhaps you want to reduce development expenses, or perhaps you’re just doing research. Regardless of your reasons, I want to help you by showing you how to leverage DynamoDB locally. We will use the following tools.
We will walk through setting up the local environment, generating data, uploading data, interacting with the NoSQL Workbench, and some neat tips to keep in mind. …
Chances are most of us have stumbled into someone’s digital portfolio. This can range from book authors to IT professionals; it’s pretty universal, as everyone can benefit from it. Is it needed? Probably not, but it does help quite a bit in showcasing your skills and, who knows, perhaps it could be the difference between you getting an interview and/or a phone call.
Let’s say you decided you want a digital portfolio, you’re probably wondering how to go about getting started? Does it cost money? Is it affordable? Do I have to be a programmer? …
HashiCorp has added two new tools in Terraform. As of Terraform v.12.20 there are two new functions available for consumers, try() and can(). Along with these two functions, there is an experimental feature available, variable_validation. In this article, we’re going to look into how these new functions are used and how they work.
All code snippets can be found at https://github.com/karl-cardenas-coding/terraform-functions
Note: Variable validation is an experimental feature as of v12.20. Use it with caution, as it is not recommended for production usage at this time.
The try() function can only catch and handle dynamic errors resulting from access to data that isn't known until runtime. It will not catch errors relating to expressions that can be proven to be invalid for any input, such as a malformed resource reference. …
There is no easy button!
We have all been there, feeling stuck, unsure of how to move to the next level. This can apply to your current job role or career as a whole. And unfortunately, this feeling of being trapped is also not a one-time incident, sometimes we can feel this way several times throughout our careers. You already know this but sometimes it helps to hear it again. To get to the next step, there is no easy button!
In the past year, I’ve been asked by fellow IT professionals for guidance on advancing in the IT field. Everyone’s situation is different but they all share common pain points. In an effort to help others beyond my immediate reach, I decided to write down the advice I provide to those that seek my input. However, this is only one man’s words and I recommend to always seek multiple perspectives to see which applies best to your situation! …
Sentinel is HashiCorp’s framework for the implementation of Policy as Code (PaC). It integrates with Infrastructure as Code (IaC), and allows teams/organizations to be proactive from a compliance/risk standpoint. Sentinel allows for granular, logic-based policy decisions that read information from external sources to derive a decision.
In plain English, based on logic written (policies), Sentinel can act as a decision maker based on information provided. This is pretty handy when you want to prevent users from executing specific actions, or ensure that certain steps/actions are conducted. For example, an employee attempting to deploy a bad practice network rule that allows everyone on the internet inbound access! …
The explosion of public cloud platforms has made the accessibility and consumption of IT infrastructure an uncomplicated experience. The traditional IT infrastructure found in vast and expensive corporate data centers can now be consumed by anyone with an internet connection. As organizations/businesses start consuming public cloud platforms and their infrastructure you often hear the expression, infrastructure as code (IaC).
If you have ever wondered, the what, the why, and the how, in regards to IaC then you have come to the right place.
Before we dive into the nuts and bolts of IaC it helps to first understand how IT infrastructure works. Let’s start with static infrastructure, think server racks, mainframes, routers, switches, firewalls, and pretty much any equipment you expect to find in a traditional data center. In this static infrastructure environment, when you need more capacity you simply add more capacity through physical provisioning, either through horizontal and/or vertical scaling. The need for physical provisioning and waiting for the compute capacity to become available is what makes this environment static. …
We have all been there, the moment terraform apply crashes because someone made a manual change and removed a resource that Terraform is expecting to be available. You try to do a terraform refresh but to no luck! What do you do at this point? Sometimes the only option is to make modifications to the Terraform state file. This article will walk you through how to make state file modifications, both the right and the wrong way, so that you can educate others in the future on how to make state file changes properly.
One could easily open up the terraform.tfstate file and manually do “JSON surgery” but this is not a recommended action, mainly for the high chance of human errors and potentially wrecking your state file. That being said, allow me to show you how. …
If you don’t know the answer to this question don’t feel bad, engineers and IT professionals at all levels sometimes don’t know the answer to this question. In my daily job I often get asked, “What is a pipeline?” The follow up question is 9/10 times, “How do I create a pipeline?” Today I would like to shed some light on the pipeline topic, mainly focusing on the first question but also why it is important to application development.
In simple terms a pipeline is a workflow, a workflow that application development teams use to release software.
Note: Not limited to application development…
If you manage AWS for an organization, big or small, chances are you have several Secure Shell (SSH) keys lying around that you hardly use, OR WORSE, you don’t recall the account the key was made for. SSH key management is a rabbit hole in itself and most people understand the security concerns that arise with improper SSH key hygiene. Luckily for us, there is a way to bid farewell to the cumbersome practice of using SSH to remote into an EC2 instance. Allow me to introduce you to the AWS service, Systems Manager (SSM).
I will teach you the following in this…