Vlog Cloud Formation Template Security
Articles,  Blog

Vlog Cloud Formation Template Security


Whats up vlog?! I hope you are doing well today? As you can see Iam here today in the woods,
the woodlands near Zürich, and, the vlog is just brief, it’s going to be about AWS
cloud formation templates today. I was tidying up my solution I’ve been working
on the last 8-ish weeks and going through the cloud formation templates I was look at
the ARN codes you put in where you might mention the role. So I have this FaaS solution, Functions as a Service, and yeah you need to give your functions certain permissions now, I embedded my account Id
and the role name, and I wanted to fix that, because basically if someone else wants to
use the solution they can’t! The account id is embedded and luckily Amazon
have provided for that. It took me a little bit to find it and yeah,
oops, it’s a “faux pas”, I had my account id under public GIT source control repository,
for a while. and, you shouldn’t be doing that guys! So, you want to look up fn::sub function. Sub as in substitute and they have a whole
list of variables, if you look in the description below you’ll find them, the 2 links that will
help you, then you can go and replace your account id in your template, which is definetly
worth while because you might be moving it to another account, it’s good for disaster
recovery, its also good for security, you don’t want to be embedding that kind of information
in your template and sharing them with people. So it was a little bit tricky to find I have
to say and I was kind of surprised you know, always when you look at the amazon documentation
how neutral language they use and sometimes I can get quiet excited about the tech and
I always get astounded why on earth is it so, like that in the documentation, I don’t
know?!? I would prefer a bit more personality personally,
but I suppose thats the way they have to do it, it’s the Alexis voice maybe. Yeah, so if you have been following me on
my vlogs the last few weeks, well, about 8/9 weeks now, you’ll know I’ve built this web
crawler application based on Python3 and it’s all running on Amazon, I may add the link
below incase you want to check that out as well, if you just crossed this vlog on AWS
cloud template security. I also have another video that is kind of
handy, it’s on backups, although I feel it’s getting less relevant using AWS Lambda to
trigger and run your backups, they do have a option now under EC2 instances if you look
at lifecycle in the menu on the left you’ll find that, I find that is actually quite good,
what it maybe doesn’t do though, is copy those backups to another region and I did cover
that in other vlogs and I have some source code available as well available, you can
check out that as well if you look up in my channel. It’s not over yet guys, Ive taken a deep breath
here, I have submitted this project I have done, to a tech-conference in Zürich, maybe
they’ll accept me and I’m going to get to speak a more about creating FaaS solutions
on AWS. Also using GitLab which I found super cool,
because each stage your building inside Docker containers, it gets thrown away, it’s a super
clean way of deploying your software, because every time you have sterile clean environment
and that makes sure you’ve got everything in your source control where it should be,
and, it’s going to just go out every time clean and if a guy or one of your developer
leaves or the server crashes and you move somewhere else, it should work! Yeah, so I’m quite excited about that and
maybe in 2 or 3 weeks I’ll find out whether or not I’ve been accepted, and, yeah, I can
do my first speaking gig, ever! I’m kind of excited about that, I’m crossing
my fingers on it. Hey, if you have questions about the stuff
I’ve been vlogging about today or in my other vlogs please leave a comment below, I’d love
to answer that, I’m going to finish off my walk and head off to the office. Guys, you have a great day. Bye bye.

Leave a Reply

Your email address will not be published. Required fields are marked *