© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Yuriko Horvath
Sr. Solutions Architect – FedCiv, Amazon Web Services
Len Henry
Sr. Solutions Architect – Edu, Amazon Web Services
Continuous Integration/Continuous Delivery
[CI/CD] to Scale Compliance & Security
Key Takeaways
• Benefits of automated security and compliance testing in CI/CD
• Introduction to AWS, partner, and industry tool choices for CI/CD, security, and compliance
• Learn patterns for CI/CD within AWS accounts
Secure Applications
Secure Infrastructure
Enhance Governance
CI/CD goals to constantly….
Deliver Value Faster
Raise Code Quality
Raise Feature Quality
Change Control
Consistency of Environments
Automate Deployments
Automate Rollbacks
Enhance Performance
DevOps
CompSecOps
CI/CD on AWS for Infrastructure
Secure Applications
Secure Infrastructure
Enhance Governance
Infrastructure: CI/CD goals to constantly….
Change Control
Consistency of Environments
Automate Deployments
Automate Rollbacks
Enhance Performance
CompSecOps
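[Diagram: CI/CD pipeline across Dev Acct, Tools Acct, Test Acct, and Prod Acct. Stage labels: Commit, Coordinate, Build Artifacts, Test, Deploy, Report. Other labels: Test Build Env, Prod Build Env, Elsewhere. Services shown: CodeCommit. Step marker: 1.]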
Committing Code
• IAM, managed service, price
• Encryption at rest
• AWS integration
CodeCommit
• Custom login
• Issue tracking
• Webhooks
• Enterprise hosting
• Jira integration
• Mercurial version control
• Price
• Enterprise hosting
Git version control
Collaboration & pull request reviews
GitHub
[Diagram: CI/CD pipeline across Dev Acct, Tools Acct, Test Acct, and Prod Acct. Stage labels: Commit, Coordinate, Build Artifacts, Test, Deploy, Report. Other labels: Test Build Env, Prod Build Env, Elsewhere. Services shown: CodeCommit, Lambda, CodePipeline, CloudFormation, Elastic Beanstalk, OpsWorks, Jenkins. Step markers: 1 to 4.]
Coordinating CI/CD Pipeline
• IAM, managed service, price
• Setup & integration with AWS developer tools
• Integration with AWS services
CodePipeline
• Complicated CI/CD workflow patterns needing customizations
Lambda
• Extensible plugin architecture
• Configurable
*AWS Marketplace
CI/CD orchestration
Jenkins
Deploying Infrastructure
• Infrastructure as code for a majority of AWS services
• Simple setup
• Developer friendly
• Community
• On-premises
Deployment and lifecycle of application infrastructure
CodePipeline integration
IAM, managed service, price
CloudFormation
OpsWorks
Elastic Beanstalk
[Diagram: CI/CD pipeline across Dev Acct, Tools Acct, Test Acct, and Prod Acct. Stage labels: Commit, Coordinate, Build Artifacts, Test, Deploy, Report. Other labels: Test Build Env, Prod Build Env, Elsewhere. Services shown: CodeCommit, Lambda, CodePipeline, CodeBuild, Amazon Inspector, AWS Config, CloudFormation, Elastic Beanstalk, OpsWorks, Jenkins. Step markers: 1 to 7.]
Testing Functionality
• IAM integration
• Managed service w/ auto scaling
• On-demand pricing
• Easy setup & CodePipeline integration
• Hooks to CodeCommit, S3, GitHub [Enterprise]
• Integration with unit, integration, UI, and performance-testing suites
CodeBuild CodePipeline
Testing security compliance
• Security for EC2 applications
• Templated vulnerability, security, and best practice rules
• Compliance
Amazon Inspector
• Configurable AWS resource rules
• Continuous monitoring
• Dashboards and notifications of violations
AWS Config
• Configurable compliance rules
• Integrates with Systems Manager
Security Testing
[Diagram: CI/CD pipeline across Dev Acct, Tools Acct, Test Acct, and Prod Acct. Stage labels: Commit, Coordinate, Build Artifacts, Test, Deploy, Report. Other labels: Test Build Env, Prod Build Env, Elsewhere. Services shown: CodeCommit, Lambda, CodePipeline, CodeBuild, CloudFormation, Elastic Beanstalk, OpsWorks, Jenkins, and Amazon Inspector and AWS Config (each shown twice). Step markers: 1 to 9 (8 appears twice).]
Demo CI/CD Infrastructure & Security on AWS
https://youtu.be/nH6FetJ2r2M
CI/CD on AWS for Applications
Applications: CI/CD goals to constantly….
Deliver Value Faster
Raise Code Quality
Raise Feature Quality
Change Control
Consistency of Environments
Automate Deployments
Automate Rollbacks
Enhance Performance
DevOps
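[Diagram: CI/CD pipeline across Dev Acct, Tools Acct, Test Acct, and Prod Acct. Stage labels: Commit, Coordinate, Build Artifacts, Store Artifacts, Test, Deploy, Report. Other labels: Test Build Env, Prod Build Env, Elsewhere. Services shown: CodeCommit, Lambda, CodePipeline, CodeBuild, S3, Amazon ECR, AMI, Jenkins (shown twice). Step markers: 1 to 4.]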
Building Artifacts
• IAM, managed service w/ auto-scaling, pricing
• Setup & CodePipeline integration
• Hooks to CodeCommit, S3, GitHub [Enterprise]
• Artifact store on S3, Amazon ECR, and Docker Hub
CodeBuild
• Extensible plug-in architecture
• Configurable
*AWS Marketplace
Jenkins
[Diagram: CI/CD pipeline across Dev Acct, Tools Acct, Test Acct, and Prod Acct. Stage labels: Commit, Coordinate, Build Artifacts, Store Artifacts, Test, Deploy, Report. Other labels: Test Build Env, Prod Build Env, Elsewhere. Services shown: CodeCommit, Lambda, CodePipeline, CodeBuild, S3, Amazon ECR, AMI, SNS, CodeDeploy, Amazon ECS, EB, Amazon Inspector, EC2, Jenkins. Step markers: 1 to 9.]
Deploying Code
• IAM, managed service w/ auto-scaling
• Pricing
• Console setup & CodePipeline & auto-scaling integration
• Trackable rolling deploys with rollbacks
CodeDeploy
• Operator-friendly configuration through JSON
• Community recipes
• Developer-friendly configuration through Ruby scripts
Deploy to EC2, Lambda
Deploy to on-premises instances
Testing Functionality
• IAM integration
• Managed service w/ auto-scaling
• On-demand pricing
• Setup & CodePipeline integration
• Hooks to CodeCommit, S3, GitHub [Enterprise]
• Integration with unit, integration, UI, and performance-testing suites
CodeBuild CodePipeline
Testing Security
• Application security, vulnerability and compliance testing
• DevOps integration through APIs
• Testing rules for CVE, CIS benchmarks, security best practices, and runtime behavior analysis
Amazon Inspector
Functionality Testing
Performance & Load Testing
[Diagram: CI/CD pipeline across Dev Acct, Tools Acct, Test Acct, and Prod Acct. Stage labels: Commit, Coordinate, Build Artifacts, Store Artifacts, Test, Deploy, Report. Other labels: Test Build Env, Prod Build Env, Elsewhere. Services shown: CodeCommit, Lambda, CodePipeline, CodeBuild, S3, Amazon ECR, AMI, Amazon SNS, CodeDeploy, Amazon ECS, EB, Amazon Inspector, EC2, Jenkins. Step markers: 1 to 12.]
Demo CI/CD Application & Security on AWS
https://youtu.be/iWTCQLtx3qc
Secure Applications
Secure Infrastructure
Enhance Governance
CI/CD goals to constantly….
Deliver Value Faster
Raise Code Quality
Raise Feature Quality
Change Control
Consistency of Environments
Automate Deployments
Automate Rollbacks
Enhance Performance
DevOps
CompSecOps
Thank you!
Talk to your AWS account team to discuss implementation!
