2018 Year in Review: CI/CD, Security & AWS Expert Tools
As we greet the new year, we are taking a look back at the best of 2018, sharing those blog topics that gave our readers the most inspiration in their DevOps and IT modernization journeys. Last week we shared our most popular analysis and expert commentary on AWS Migration and DevOps transformation. As promised, today we’ll delve into CI/CD, DevOps security and specific AWS tools that are sure to remain just as popular in 2019 as they were last year.
Continuous Integration & Continuous Delivery
Accelerating the software delivery process, CI/CD offers powerful benefits, and some common hurdles. Among our articles on the topic this past year was a powerful piece on how to Optimize Code Delivery Pipelines with DevOps Automation in which we shared Flux7’s expert DevOps tips and commonalities across successful organizations. For those looking to control labor costs and keep developers working efficiently while accelerating time to market by avoiding rework-related slowdowns, this piece illustrates how to achieve these results and optimize code delivery.
For audiences just getting started with CI/CD and looking to understand in greater detail how it can play a starring role in a greater IT process automation process, we wrote this feature story: Agility through IT Process Automation. In it we share how CIOs can couple CI/CD with Infrastructure as Code, configuration management and continuous compliance to help rid their organization of technical debt while creating a positive cycle where teams are freed from manual tasks and able to deliver more and more strategic, business-impacting work.
Last, CI/CD is a core pillar of DevOps automation and one that should be supported via your code repository system. In the blog, How to Organize Infrastructure as Code in your Source Code Repository, we share several DevOps best practices for organizing source code repositories which makes collaboration easier, in turn saving time and potential rework.
Bonus! For additional reading on CI/CD, download our papers, Optimizing Code Delivery Pipelines and Automate IT Processes to Increase Strategic Productivity.
In a recent 451 Alliances blog, the research firm notes that information security was second only to off-premises cloud services as the area of greatest budget increases last year. Moreover, very large organizations (defined as having 10,000 or more employees) are on track for an average 20% increase in their security budgets this year. Clearly the need for security is (rightfully) front and center.
In this vein, we featured the story of a major US airline and its holistic view of security as it moved to its AWS new account. The firm reached out to the DevOps team at Flux7 to migrate and replatform several of its legacy, on-premise applications — many of which have high standards for uptime and resiliency — to AWS. In line with Flux7’s security by design approach, we used CIS benchmark images to build configuration guidelines into the solution, helping the airline proactively safeguard against security threats, giving the company the ability to create infrastructure with security best practices built in from the beginning. Catch the two-part blog here:
- AWS Case Study: Using KOPS to Run Kubernetes with CIS Benchmark AMIs
- AWS Case Study: Kubernetes on CIS Benchmarked Ubuntu AMIs using KOPS
We also featured two technologies that help enterprises build security in: AWS WAF and Amazon Guard Duty. In the article, AWS WAF, an AWS Security Best Practice, we share why AWS WAF is a good choice for companies migrating their digital business to the cloud. And in the blog, Security in AWS: Flux7’s Take on the New Amazon GuardDuty, we share how this new managed service monitors and detects malicious or unauthorized behavior across an organization’s AWS infrastructure, to grow overall cloud security.
AWS Expert Tools
Of the hundreds of announcements AWS makes every year, it can be challenging to keep track and synthesize which announcements will have the most impact to your organization. (That’s why we track AWS news, sharing each week those announcements we think are most relevant to our customers’ AWS implementations. You can sign up for the DevOps News Week in Review blog here.) Of our features highlighting AWS expert tools this year, the following struck a nerve with our readers:
- Effectively Manage AWS with the New AWS Systems Manager. As a newly announced stand-alone service, our AWS consulting team walked readers through the new AWS Systems Manager clarifying some of the confusion around AWS’s nomenclature, and in a second, follow-up blog, AWS Case Study: Use the New AWS Systems Manager to Manage AWS, illustrated how its new features can benefit SSM users through the story of a Fortune 500 manufacturer.
- Automating AWS Account and Amazon VPC creation with AWS Step Functions. This popular story walked readers through the process of using AWS Step Functions with the real-world example of a Flux7 customer who wanted to simplify the self-service IT process of bringing up new AWS accounts and VPCs by creating a REST API that their internal customers could call. While the process was complex, our AWS consulting team was able to apply automation to simplify the process and eliminate extra steps.
- AWS Configuration Management with AWS OpsWorks for Chef Automate. This story is one we published early in the year and it remained popular all year long. It provides several resources and ideas of how to start the year with a more automated configuration management process.
We’re reader-driven and would like to support your efforts with even more tips, tricks, insight and analysis in the year ahead. So, what are your DevOps and IT Modernization goals for the new year? Let us know in the comments below.