#91: AWS Security Pillar

Welcome to this week's DevOps newsletter! I've got a lot of exciting topics to cover, including AWS security pillar, Kubernetes dashboards, and DevOps open-source projects.

Firstly, I have a comprehensive guide to the AWS security pillar, where you can learn how to secure your AWS environment by implementing AWS security best practices and gaining a comprehensive understanding of AWS security services.

Next, we're exploring the rise of Serverless monoliths and the best practices for running Java apps on Kubernetes. Additionally, I'm sharing an architecture for enforcing RBAC in a cloud storage system and an open-source utility that scans live Kubernetes clusters and reports potential issues with deployed resources and configurations. And, for those interested in Terraform, I have a preparation guide for becoming a Hashicorp Certified Terraform Associate.

Lastly, don't miss our open-source projects of the week, including a ChatGPT-powered gym workout generator and a CLI that creates screenshots based on terminal command output. And, we're also diving into why open-source is broken and uncovering the truth about git metrics tools. Stay tuned for all this and more in this week's DevOps newsletter!

📖 POSTS OF THE WEEK

Our guide to the AWS security pillar
A walkthrough of the AWS Security Pillar with insights into how to manage this vital but often complicated aspect of modern architecture.
Read more »

"Platform Engineering teams done right…" - Three reasons for the platform engineering meme: demand for tools to improve complicated platforms on Kubernetes, marketing by companies with tools to sell, and interest sparked by the Team Topologies book's definition of how to create/manage Platform Teams - Read more »

"AWS Lambda layers best practices" - This blog post covers AWS Lambda layers basics, the pros and cons, and recommended best practices - Read more »

"Kubernetes dashboards: everything you need to know" - Kubernetes comes with its own web UI for deploying containerized applications to a cluster using wizards, troubleshooting workloads, and managing cluster resources – known as Dashboard. But there are other open-source options as well - Read more »

"Become a Hashicorp Certified Terraform Associate - preparation guide" - The post is intended for individuals looking to prepare or take the exam in the future. It covers tips and what you need to know to pass the exam - Read more »

"An architecture for enforcing RBAC in a cloud storage system" - This article explores a 2016 paper by Garrison et al. that presents an architecture for enforcing access control policies in a cloud storage system - Read more »

"Best practices for Java apps on Kubernetes" - In this article, you will read about the best practices for running Java apps on Kubernetes. Most of these recommendations will also be valid for other languages - Read more »

"The rise of the Serverless monoliths" - This post covers the evolution of meta-frameworks (Next.js and Remix) and backend as a service (Supabase, SurrealDB) - Read more »

"Docker will edit host-based firewall rules for you" - Docker would quietly add a rule to your system’s iptables to allow container port through the firewall - Read more »

🛠 PROJECTS OF THE WEEK

IaSQL is open-source software that treats infrastructure as data by maintaining a 2-way connection between a cloud account and a PostgreSQL database - Learn more »

Signadot is a Kubernetes native platform that provides lightweight environments using a unique multi-tenancy model that shares resources safely. You're able to test every pull request end-to-end in K8s and ship features 10x faster - Learn more »

Popeye is a utility that scans live Kubernetes cluster and reports potential issues with deployed resources and configurations - Learn more »

A cool side project that leverages ChatGPT to build gym workouts for you based on the equipment you have at your disposal - Learn more »

Keep is an open-source alerting CLI that contains everything you need to start creating Alerts. It supports all major providers (e.g. Sentry/Datadog or Slack/Pagerduty) - Learn more »

Termshot takes the console output and renders an output image that resembles a user interface window. The idea is similar to what carbon.now.sh, instaco.de, or codekeep.io/screenshot do - Learn more »

📰 NEWSWORTHY STORIES

"Open-source is broken: the sad story of Denis Pushkarev (core-js)" - Read more »

"The truth about Git metrics tools" - Read more »

"The AWS community isn’t for Amazonians" - Read more »

"AWS publishes reference architecture for deployment pipelines" - Read more »

📕 BOOK OF THE WEEK

Not a tech book but recently I've read "Flow: The Psychology of Optimal Experience" by Mihaly Csikszentmihalyi, a psychology professor, and researcher. The book explores the concept of "flow," which refers to a state of heightened focus and immersion in an activity that brings feelings of enjoyment and fulfillment.
The book draws on research from a wide range of fields, including psychology, neuroscience, and philosophy, to provide a comprehensive understanding of flow. It also explores the implications of flow for various aspects of life, including work, creativity, and relationships.

💼 OPEN JOBS OF THE WEEK

Senior DevOps Engineer @Grafana
AWS, Ansible, Kubernetes
🌎 Remote, anywhere
Read more »

Senior DevOps Engineer @Neon
GitHub Actions, GCP, Linux
🌎 Remote, anywhere
Read more »

Infrastructure DevOps Lead @Redis
AWS, Terraform, Jenkins
🌎 Remote, europe
Read more »

Hand-picked DevOps opportunities to work from home, remotely, freelance, full-time, part-time, contract and internships - See more »

💡 TWEET OF THE WEEK

If you've ever noticed dropped connection after a rolling upgrade, this thread digs into the details👇🏻

😂 MEMES OF THE WEEK

I hope you enjoy this week’s newsletter! Share it with a friend or colleague if you find it helpful, drop me an email or send me a DM on Twitter about topics you’d like to hear about in future editions.

Remember to share if you enjoyed this issue!

Share

Forward

Want to sponsor an issue? Check out the Sponsor Kit

DevOps Bulletin - Digest #91: AWS Security Pillar 🔓

#91: AWS Security Pillar

Older messages

Digest #90: Serverless Patterns ⛅

Digest #89: Pipeline as Code 🔥

Digest #88: The Creator of Everywhere SQLite 🌍

Digest #87: Testing AWS Infrastructure 😍

Digest #86: Serverless Testing 😄

You Might Also Like

Import AI 399: 1,000 samples to make a reasoning model; DeepSeek proliferation; Apple's self-driving car simulator

Defining Your Paranoia Level: Navigating Change Without the Overkill

5 ways AI can help with taxes 🪄

Recurring Automations + Secret Updates

The First Provable AI-Proof Game: Introducing Butterfly Wings 4

GCP Newsletter #437

Charted | The 1%'s Share of U.S. Wealth Over Time (1989-2024) 💰

The Great Social Media Diaspora & Tapestry is here

Daily Coding Problem: Problem #1689 [Medium]

📧 Stop Conflating CQRS and MediatR