In the last couple of months we participated in an increasing count of customer projects following current trends of agile software development approaches and corresponding toolstacks. Especially the terms Continuous Integration and Continuous Delivery kept (and still keep) popping up on every corner. The frameworks and processes behind those two hypes aid developing software at higher quality in shorter release cycles. This is especially relevant since end consumers nowadays expect fast releases including the newest features. If companies neglect this demand, competitors might take advantage of their better time-to-market which might result in increased market share and -dominance. A lot of changes are happening in the space of CI/CD. Existing tools become more mature, gaining increased attention, and new ones are appearing every month including better ways of integrating them into existing or new processes. Companies benefit from more choices, increased flexibility, and faster integration into existing company policies.
Related to our new TROOPERS workshop “Jump-Starting Public Cloud Security”, this post is going to describe some relevant components which need to be taken care of when constructing and auditing an Amazon Web Services (AWS) cloud environment. Those include amongst others the general AWS account structure, Identity and Access Management (IAM), Auditing and Logging (CloudTrail and CloudWatch), Virtual Private Cloud (VPC) networks, as well as S3 buckets.
The conference was very well organized and attendee focused, which could be seen by the many little details found on the conference. For example you never ran out of coffee or beverages, there was a new Hallway Track where you could meet people from all disciplines, discuss about your favorite topics and there was always a place to sit and take a break between all those interesting presentations. I had the chance to speak to very nice people from different industries, most importantly in my case on the topic security. It was nice to see how the Docker community is growing and the adoption rate is increasing, especially in companies. The main focus of the conference (especially seen in talks held by people from Docker Inc.) was the Docker Enterprise Edition.