Let's make Cloud #47: Where Argo CD Falls Short, Automate tagging of vulnerable docker images in ECR, CDK Project Bootstrapping with AWS CDK Builder

Hello CloudMakers!

Today we shall see:

  • Where Argo CD Falls Short

  • Automate tagging of vulnerable docker images in ECR

  • CDK Project Bootstrapping with AWS CDK Builder

Enjoy!

Where Argo CD Falls Short (And What We Are Doing To Fix It)

The adoption of Argo CD and its integration into the GitOps model is garnering significant interest among companies. One of the most common questions is how to define multiple environments and promote applications through different stages. The article introduces Plural CD, a product designed to alleviate some of these challenges by offering a unified dashboard view and application promotion across environments. It streamlines the visualization of an application's lifecycle across various environments and tackles the intricacies of setting up a staged release pipeline, a process that diverges from Argo's fundamental design of rapid synchronization between a single cluster and a Git repository.

Other options like CodeFresh exist, and both offer free versions, but the most compelling features remain locked behind their paid plans. Nonetheless, for those seeking to implement a sophisticated GitOps strategy in a complex setting without the need for specialized purchases, I suggest taking a look at the methodology I've outlined in my blog as a viable alternative.

Automate tagging of vulnerable docker images in ECR

Amazon Elastic Container Registry (ECR) provides developers with a managed Docker container registry that enhances security within the AWS infrastructure. ECR conducts essential image scans to detect vulnerabilities, yet it's the developers who must decide how to act on these findings. This article introduces a solution that automates the response to such scans: it tags images with critical vulnerabilities and schedules them for automatic deletion after five days. The provided code makes implementation straightforward, allowing developers to seamlessly integrate this proactive security measure into their workflows. Simple but clever!
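A sketch of the flow described above, added here as an illustration and not taken from the linked article: it assumes the scan result arrives as an EventBridge "ECR Image Scan" event, that the image is flagged by re-putting its manifest under a tag prefix (`vulnerable`, a name chosen for this example), and that a lifecycle rule on that prefix does the deletion. Function names and the sample event are constructed.

```python
import json

TAG_PREFIX = "vulnerable"  # assumed prefix; the article's tag name is not given here
EXPIRE_DAYS = 5            # deletion delay stated in the newsletter

# Constructed sample of the EventBridge event ECR emits when a scan finishes.
SAMPLE_EVENT = {"source": "aws.ecr", "detail-type": "ECR Image Scan", "detail": {
    "scan-status": "COMPLETE", "repository-name": "demo-repo",
    "image-digest": "sha256:" + "ab" * 32,
    "finding-severity-counts": {"CRITICAL": 2, "MEDIUM": 9}}}

def critical_findings(event):
    """Return (repo, digest, count) for a completed scan with CRITICAL findings, else None."""
    if event.get("source") != "aws.ecr" or event.get("detail-type") != "ECR Image Scan":
        return None
    detail = event.get("detail", {})
    if detail.get("scan-status") != "COMPLETE":
        return None  # failed scans carry no usable severity counts
    count = detail.get("finding-severity-counts", {}).get("CRITICAL", 0)
    if count <= 0:
        return None
    return detail["repository-name"], detail["image-digest"], count

def quarantine_tag(digest):
    """Build a per-image tag under TAG_PREFIX from the first 12 hex chars of the digest."""
    return f"{TAG_PREFIX}-{digest.split(':', 1)[1][:12]}"

def lifecycle_policy_text():
    """Lifecycle policy expiring prefixed images; age is counted from the image push."""
    selection = {"tagStatus": "tagged", "tagPrefixList": [TAG_PREFIX],
                 "countType": "sinceImagePushed", "countUnit": "days",
                 "countNumber": EXPIRE_DAYS}
    rule = {"rulePriority": 1, "description": "Expire images flagged as critical",
            "selection": selection, "action": {"type": "expire"}}
    return json.dumps({"rules": [rule]})

def handle(event, ecr):
    """Tag the scanned image; `ecr` is a boto3 ECR client or a stand-in for tests."""
    hit = critical_findings(event)
    if hit is None:
        return None
    repo, digest, _ = hit
    images = ecr.batch_get_image(repositoryName=repo, imageIds=[{"imageDigest": digest}])["images"]
    if not images:
        return None  # image was deleted between scan and handling
    tag = quarantine_tag(digest)
    # Re-putting the same manifest under a new tag adds the tag to the existing image.
    ecr.put_image(repositoryName=repo, imageManifest=images[0]["imageManifest"], imageTag=tag)
    return tag
```

The policy text is applied once per repository with `put_lifecycle_policy`, which replaces any policy already set there, so merge the rule into an existing policy rather than overwriting it.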

AWS CDK Builder: CDK Project Bootstrapping

The AWS CDK Builder is a browser-based tool that significantly eases the bootstrapping of Infrastructure as Code (IaC) projects using the AWS Cloud Development Kit (CDK). It boasts a dynamic visual designer alongside instant TypeScript code generation, streamlining the construction and deployment of CDK projects. Accessible online without the need for deployment, the CDK Builder is readily available for immediate use. However, for those who prefer a more personalized experience, there is also the option to deploy it within your own AWS account, providing flexibility and control over your IaC environment.

Thank you for reading my newsletter!

If you liked it, please invite your friends to subscribe!

If you were forwarded this newsletter and liked it, you can subscribe for free here:

Have you read an article you liked and want to share it? Send it to me and you might see it published in this newsletter!

Interested in old issues? You can find them here!