Defenders - caller based EC2 security with CDK

Defenders: Caller based EC2 security. The risk with security credentials is that they get exposed and are then used elsewhere. What if we could prevent them from being used elsewhere? The idea from the article by William Bengston of Netflix was: dynamically locking credentials to the environment. Implementing this idea is much simpler with the CDK. So, let’s defend ourselves! Our story here is the battle of the defenders (tm).

Target Mode with Serial Devices

Usually, you will work with SSH or WinRM to connect to remote nodes and configure them. Those standard protocols bring along all the perks of a modern network connection: encryption, authentication, file transfers, etc. But what if you have a device without network connectivity?

Ruby Layers with Serverless

After showing how easy it is to write AWS Lambda functions in Ruby, we will work on a way to build Layers with external dependencies or shared data in this post.

The kitchen-vcenter Driver

While many companies already rely on some cloud for all of their IT systems, bigger enterprise customers often have their own data centers, which consist of thousands of virtual machines. Under these circumstances, testing Chef cookbooks only on AWS or Azure is often not desirable; testing them in the real environment is a better idea. The kitchen-vcenter driver allows you to harness the power of your own IT systems.

The kitchen-ec2 Driver

Within the Chef ecosystem, Test Kitchen is one of the most useful tools. It offers the possibility to quickly test cookbooks in different OS environments on machines with a limited lifetime. That way, you can check if your fancy recipes work the same on RedHat, CentOS 6 and Ubuntu. As speed is king, this fast feedback encourages earlier testing and reduces the number of bugs found in production.

Custom Resource Diffs in Chef

If you are writing custom resources regularly, you might have been annoyed by a general “diff” functionality in Chef. In this post we will work on some snippets to make this possible.

Automating ACM Certificates with Serverless Framework

Automating ACM Certificate creation with the Serverless Framework. Encryption is the basis for secure communication in our modern world. For most web applications this boils down to using HTTPS to encrypt traffic between the client and server. HTTPS, or rather the underlying protocols TLS/SSL, relies on Public Key Infrastructure and encryption to establish the authenticity of the communication partner. Authenticity in this context means that the client can be sure they are communicating with Google if they access https://google.