Tag: AWS CloudFormation

I’m excited to finally answer a question I’ve been hearing from both Infrastructure as Code developers and security practitioners for years: “How do I send a signal back to my CloudFormation stack from within a private VPC without going across the public internet?”

Serverless computing allows you to build and run applications and services without having to manage servers. AWS Service Catalog allows you to create and manage catalogs of services that are approved for use on AWS. Combining Serverless and Service Catalog together is a great way to safely allow developers to create products and services in […]

[Update on 9/30/2020] Note:  – Please follow Simplify sharing your AWS Service Catalog portfolios in an AWS Organizations setup to implement a multi-region, multi-account catalog at scale while incorporating recent updates and best practices. Many AWS customers are adopting AWS Service Catalog to create and manage catalogs of approved IT services for use on AWS. […]

Any Chef server should be a hub of tested and trusted cookbooks that can be added to node run lists easily. However, the testing and delivery of cookbooks to the server itself can be an arduous task. To simplify and expedite this necessary process, we’ve leveraged AWS technologies to create a pipeline that executes integration testing […]

In this blog post I’d like to share an AWS CloudFormation custom resource I’ve written that allows you to deploy StackSets from within a CloudFormation template. You can use StackSets to deploy and manage CloudFormation stacks in multiple accounts and multiple AWS Regions from a central location using a single template and set of operations.

In 2017, over 350,000 AWS customers used AWS CloudFormation to manage resources collected across 2.4M stacks. We added coverage for 14 new services and several new features. In this post, I’d like to look back at some features and new content that CloudFormation introduced in 2017, including: New AWS resources that you can provision with […]

The AWS CloudFormation team has been busy in the last couple of months, adding support for new resource types for recently released AWS services. In this post, I take a deep dive into using AWS Glue with CloudFormation. About AWS Glue AWS Glue was first announced at re:Invent in 2016, and was made generally available […]

AWS CloudFormation recently added support for these recently released AWS services: AWS Guard Duty is an automated threat-detection service that can be quickly enabled, does not require agents to be installed, and monitors unusual account usage using sources like AWS CloudTrail logs, DNS logs, and other sources. With the new AWS CloudFormation resource support, you […]

The grant least privilege best practice advises you to grant only the permissions that are required to perform a task. To follow this best practice you should determine what your users need to do and then design IAM policies that let users perform only those tasks. AWS Service Catalog extends the very same best practice. If you […]

AWS CloudFormation has always allowed you to customize your templates by using parameters for runtime input values. Parameters make your template code dynamically configurable, improving the reusability of your code. Previously, the only ways you could specify values for these parameters were to pass the plaintext values as arguments to the CloudFormation API, or hard […]