We have been working closely with a customer who is undergoing a business transformation. As a multimedia equipment manufacturer, the organization has a loyal following of its high quality devices. However, like many companies facing the convergence of markets and new customer demands, the company has embarked on a metamorphosis. Traditionally very focused on hardware, their software was largely ignored even though it offered customers real value. Part of the company’s transformation was a move to treat their software like a full-fledged offering, rather than a free supplement. An upcoming product release marked the first (and biggest steps), in cementing this change in company direction.
Container technology was a well-read topic on the Flux7 blog in 2016, joining our blog on Continuous Integration Best Practices(CI/CD) and AWS Configuration Management as subject areas that received the most attention from our readers. From hardening containers to container based cloud migration frameworks and Docker-based microservices architecture, our DevOps consultants published a great deal of analysis, advice and best-practice approaches to help our readers achieve success with containers in AWS.
At re:Invent 2016 Werner Vogels, AWS CTO, donned a Transformer shirt to tell us we can be Transformers. And, Andy Jassy, AWS CEO, emphasized in his presentation that we can all be superheroes, with superpowers. This emphasis on the ability to easily control, manage and even transform your AWS environment -- from x-ray vision to immortality -- was a great way to frame the two themes of the show which boiled down to increased ease of use and a greater acceptance for the hybrid cloud model.
Now that the first wave of innovators and early adopters have moved their workloads to the cloud, we are seeing majority, more pragmatist organizations, migrating to the cloud. However, unlike early movers who were willing to navigate the complexity of AWS tools and technology, this second wave of organizations puts a higher premium on ease-of-use. Given that, let’s look at how AWS has done just this through our lens of operations, DevOps and Security.
AWS recently announced the expansion of the AWS Web Application Firewall (WAF) to include coverage for application load balancers. Working with a wide variety of organizations to design and build secure applications within the AWS cloud, we frequently call upon WAF as a critical component of our solution. In fact, we were recently recognized for having achieved AWS Service Delivery Partner Status for AWS WAF.
Yesterday at re:Invent, we were delighted to be recognized as having achieved AWS Service Delivery Partner status for AWS Web Application Firewall (WAF). As you can see from the news release we issued, the AWS Service Delivery Program is designed to highlight AWS Partner Network (APN) Partners who have a track record of delivering verified customer success for specific Amazon Web Services (AWS) products.
As we discussed recently, AWS microservices are being adopted widely across organizations and industries for their ability to increase service delivery and speed time to market while decreasing team overhead. As organizations begin traveling down the path to a microservices architecture, one hurdle that they often run into is enterprise password management or secret management. For, as the number of microservices increase, so too do the number of credentials—often exponentially so—creating a need for effective and efficient management.
Automating common administrative tasks to improve workload reliability and decrease potential risk is a common theme our consultants at Flux7 help our clients with. Doing so simplifies administration, encourages security through consistency and helps improve control over users and permissions. Amazon launched EC2 Run Command in October 2015 to help attain these benefits.
As AWS experts we work closely with organizations who handle a wide variety of sensitive information – from patient health records to credit card data and more. Resultantly, we are always on the look-out for technology and best practice-based improvements to ensuring cloud-based security. With more and more of our clients looking to embrace a microservices architecture, cloud security and compliance naturally didn’t stop being a focus which is why we are happy at the news from AWS today that they’ve addressed how to help secure container-enabled applications with IAM Roles for ECS tasks.
Amazon Simple Systems Manager or SSM as we’ll refer to it throughout this article, is a great example of an important feature in the Amazon Web Services toolset that we try to highlight for our clients because of its DevOps, compliance and security benefits. As AWS partners recognized for our customer service and expertise, we are often asked about the implications of specific AWS features and their benefits.
AWS CodeCommit is a fully managed version control management service offered by Amazon Web Services. It is a highly scalable and fully managed hosted service. It is compatible with Git and hence all of the git commands work with AWS CodeCommit. AWS Codecommit is highly secure in the sense that the data is encrypted both at rest and in transit. The repositories offered under this service are private by default. AWS Codecommit supports both HTTPS and SSH protocols.