- Unlimited Leave
- Posts
- How do you deploy your AWS Resources?
How do you deploy your AWS Resources?
Using GitLab-CI remote pipelines to standardized resource deployment.
Ross Wickman
March 10, 2023
Happy DST. This is Unlimited Leave, the AWS Governance and Management newsletter that won’t go to bed early. Even if it means losing an hour of sleep.
It’s super frustrating that just as I'm starting to be able to get Andrew Huberman’s recommended morning sunlight exposure, I’m going to lose it for another few weeks.
Viewing sunlight in the morning causes ~50% increase in circulating cortisol, epinephrine and dopamine. These leverage healthy increases in energy, immune system function and mood.
Full episode of Huberman Lab Podcast on tools for immune-neural health and mood coming soon.
— Andrew D. Huberman, Ph.D. (@hubermanlab)
3:38 PM • Aug 3, 2022
This week's topics
GitLab-CI for deploying CloudFormation (and Terraform)
Announcements & IAM Actions
Greenfield Course Update
GitLab-CI for deploying CloudFormation (and Terraform)
Early this morning I recorded a video about a CICD Pipeline that I use and that has evolved in the last couple of years. The full video is for a fellow AWS Community Builders’ Youtube Channel about CI and CD on Amazon Web Service (AWS). The video won’t be ready for a couple of weeks. When it’s out, I’ll be sure to share it here.
In the meantime, you can review the remote (reusable) pipeline here:
IdP & Role Deployment: https://gitlab.com/rwickit/cicd/aws-gitlab-cicd
CloudFormation
Terraform
This solution has a long way to go. I’d be interested in your feedback or PRs for recommended changes.
A GitHub Workflow equivalent can be found here:
Announcements & IAM Actions
I’m trying something new and will share them here in this section.
I’ve started following https://awsiamchanges.com/ in my RSS Feed Catcher. Now I can monitor when AWS makes updates for API actions on the services I care about most. This last week was pretty active.
IAM Actions
Service Announcements
AWS Security Hub launches support for NIST SP 800-53 Rev. 5 - this announcement came a week after I noticed it in the Console. That explains why I felt like I missed sharing it with you.
GovCloud continues to get M&G love with - Delegated administrator for AWS Organizations launches in the AWS GovCloud (US) Regions
AWS CloudShell now supports the modular variant of AWS Tools for PowerShell - I enjoy using PowerShell for AWS operations. I enjoy using CloudShell with my current permissions to quickly do operations in an account. Pull down a script from a Git Repo or Bucket and I’m off to the races. This update will save me a few steps.
Security Specific
Greenfield Course Update
Thanks to everyone who replied to last week’s survey on who you use for an Email provider. My personal opinion is that you can make or break your management and governance setup in the prep before even deploying your first account. It’s crazy how some organizations are managing root account creation and communications.
I will be using these results to provide as much context and instruction in the first module as possible.
I’ve landed on a CMS for the content, outlined more specifically the module content and sadly it all looks like even more work for me. Hopefully that also directly maps to higher quality and more value for you and your organizations.
I’m still 1-2 weeks away from presale. The perfectionist in me is trying hard to not get too overwhelmed by all the possible things that can distract me from just getting you something useful that can get better with time.
Thank you for your patience.
Now go get done all you need to do to get to be an hour early.
See you next week.