InfoQ Homepage DevOps Content on InfoQ
-
Cloud Security Posture Management Now Available in Vulnerability Scanner Trivy
The open source vulnerability scanner Trivy has been recently extended to support cloud security posture management (CSPM) capabilities. While initially available only for AWS, Trivy will soon get support for other cloud providers, says Aqua Security.
-
Trusted Advisor Priority Capability Now Available for Enterprise Support Customers
Recently, AWS announced the general availability of a new capability for their Trusted Advisor service with Trusted Advisor Priority, allowing Enterprise Support customers prioritized and context-driven recommendations manually curated by the AWS account team based on their knowledge of the customer’s environment and the machine-generated checks from AWS Services.
-
Slack Implements Circuit Breakers to Improve CI/CD Pipeline Availability
Slack recently published how it implemented the Circuit Breaker pattern to improve its CI/CD pipeline availability. Before this project, engineers at Slack saw challenges as peak request volumes in internal tooling caused cascade failures in dependent systems. Since completion, engineers saw increased service availability and fewer bad developer experiences like flakiness from failing services.
-
AWSGoat Open-Source Project for Pen Testing AWS Cloud Solutions
AWSGoat is a vulnerable-by-design infrastructure on AWS, featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfiguration based on services such as IAM, S3, API Gateway, Lambda, EC2, and ECS. It mimics real-world infrastructure with additional flaws and uses a black-box approach, including multiple escalation paths.
-
Programming Observability: Measuring the Maturity of Observability as Code
Observability can be programmed and automated with observability as code. A maturity model can be used to measure and improve the adoption of observability as code implementation. Yury Niño Roa, cloud infrastructure engineer at Google, spoke about programming observability at InfoQ live August 2022.
-
Discover, Copy, and Share Common Code with the New AWS Serverless Snippets Collection
Recently, the AWS Serverless Developer Advocate team released the Serverless Snippets Collection. This new Serverless Land page makes it easier to find, copy, and share common code that can enhance productivity in serverless application development.
-
Java News Roundup: JDK 19-RC1, Multiple Spring Updates, Micronaut, Helidon, Payara
This week's Java roundup for August 15th, 2022, features news from JDK 19, JDK 20, Spring Boot versions 2.7.3 and 2.6.11, Spring Authorization Server versions 1.0.0-M1 and 0.4.0-M1, Spring Security versions 5.7.3 and 5.6.7 and 5.8.0-M2, Spring Cloud Dataflow 2.9.5, Spring Shell 2.1.1, Payara Platform 5 Community Edition, Micronaut 3.6.1, Helidon 3.0.1 and Apache Camel 3.14.5.
-
AWS Brings Support for GitHub, Stripe, and Twilio Events to Amazon EventBridge
Amazon EventBridge is a serverless event bus that allows AWS services, Software-as-a-Service (SaaS), and custom applications to communicate with each other using events. The service now supports integrations with GitHub, Stripe, and Twilio via webhooks using Quicks Starts.
-
The Announcement of Discontinuing Google Cloud IoT Core Service Stirs the Community and Customers
Google Cloud IoT Core is a fully-managed service that allows customers to connect, manage, and ingest data from millions of globally dispersed devices quickly and securely. Recently, Google announced discontinuing the service - according to the documentation, the company will retire the service on the 16th of August, 2023.
-
Google Announces Three New Regions in Asia Pacific
Google has a global network of 34 regions and 103 availability zones, bringing its Cloud services to customers in over 200 countries and territories worldwide. Recently, the company announced that it would expand its presence to three new cloud regions in Malaysia, Thailand, and New Zealand.
-
Dealing with Cognitive Load Using Observability
We can make good decisions with speed when we limit the cognitive load on any one person or team. Observability can help to increase delivery speed, by providing information to developers that helps them to make decisions quickly.
-
New Microsoft Defender Products: Threat Intelligence and External Attack Surface Management
Microsoft recently announced two security products: Microsoft Defender Threat Intelligence and Microsoft Defender External Attack Surface Management. These new products are driven by their acquisition of RiskIQ just over a year ago.
-
New Features with the GA Release of Second-Generation Cloud Functions
Like other public cloud vendors, Google has a Function-as-a-Service (FaaS) offering with Cloud Functions – and recently announced the second generation's general availability (GA).
-
Java News Roundup: Extent-Local Variables, Payara Platform, Project Reactor, Ktor, Spring Web Flow
This week's Java roundup for August 8th, 2022, features news from OpenJDK, JDK 19, JDK 20, Jakarta EE 10, Spring WebFlow 3.0.0-M1, Spring Tools 4.15.3, Payara Platform Enterprise 5.42.0, Quarkus 2.11.2, MicroStream 7.0.1-beta, Piranha 22.8.0, JobRunr 5.1.7, Eclipse Vert.x 4.3.3, Project Reactor 2022.0.0-M5, Ktor 2.1.0, Apache Camel 3.18.1 and KCDC Conference.
-
Run Visual Studio Software on Amazon EC2 with User-Based License Model
AWS recently announced the general availability of license-included Visual Studio software on Amazon Elastic Cloud Compute (Amazon EC2) instances. Organizations can now pay a per-user subscription fee for fully compliant AWS-provided Visual Studio licenses.