When leveraging AWS services such as EC2, ECS, or EKS, achieving standardized and automated image creation and configuration is essential for securely managing workloads at scale. The concept of a Golden AMI is often used in this context. Golden AMIs represent pre-configured, hardened and thoroughly tested machine images that encompass a fully configured operating system, essential software packages, and customizations tailored for specific workload. It is also strongly recommended to conduct comprehensive security scans during the image creation process to mitigate the risk of vulnerabilities. By adopting Golden AMIs, you can ensure consitent configuration across different environments, leading to decreased setup and deployment times, fewer configuration errors, and a diminished risk of security breaches. In this blog post, I would like to demonstrate how you can leverage AWS CodePipeline and AWS Stepfunctions, along with Terraform and Packer, to establish a fully automated pipeline for creating Golden AMIs.
EC2-Tools AMI Baking Tools that help build the AMIs for your bespoke EC2 instances. AWS EC2 Image Builder - native service to build and test AMIs in AWS. AWS System Manager Automation Netflix Aminator (OpenSource) Packer (OpenSource) State Control EC2-Ser
When deciding which Infrastructure as Code tool to use for deploying resources in AWS, Terraform is often a favored choice and should therefore be a staple in every DevOps Engineer’s toolbox. While Terraform can increase your team’s performanc
Building a static website with Hugo and the CDK If you ever wanted to host your personal website or blog on AWS this article is right for you. We’re going to build a static website with Hugo, CodeBuild and CodePipeline and host it using CloudFront a
Unser Gregor Püttmann wird bei der AWS Usergroup Düsseldorf am 29.10. einen Vortag über CloudFormation halten … hier die Agenda des Abends: Kai and Thomas: ‘Immutable Windows AMIs mit Packer’ Gregor ‘Infrastructure as Code mit Clo
Jenkins als Build Server erfreut sich einer großen Verbreitung. Die architekturelle Frage, die sich dabei stellt ist: Wie groß lege ich den Server aus, damit er neben des Management der Build Projekte auch die Builds selber verarbeiten kann? Die einfachst