DevOps on AWS
The introduction of DevOps Has become a critical enabler for any organization thatwantsto deliver solutions faster while creating synergies between developers and operations teams.
DevOps on AWS
As a leader in the cloud, AWS is continually bringing new services to market, as well as best practices and guides to helpDevOps to implement with AWS. As Advanced Consulting Partner, Skaylink has developed a DevOps practice that incorporates both AWS best practices and our own years of experince supporting customers on their Cloud and DevOps–Journey.
The result of our years of experience is a unique offer that includes:
- DevOps Maturity Check: Skaylink assesses your current methods and practices, the way your teams work, the tools you use, and the solutions you deploy to analyze your current implementation and identify potential improvements.
- Enablement Workshops: With curated content based on AWS best practices and Skaylink experience, we have developed and delivered numerous workshops on AWS services. You can choose from a list of ready-to-book workshops ranging from AWS basics to advanced topics like Infrastructure as Code or DevOps Tooling.
- Implementation / Projects:
- Leverage our expertise to execute your projects with DevOps methodologies. From Infrastructure as Code to Continuous Integration and Continuous Delivery/Deployment to Architecture Design and Implementation, we have many years of expertise to deliver end-to-end cloudnative projects.
- DevOps as a Service: Our extension approach allows you to book experienced DevOps professionals for your projects – in very simple contract models.
- DevOps Orchestration: In this approach, we embed our DevOps knowledge and experience into your team, meaning we collaborate on your projects and provide DevOps methodologies, coaching and support. Typically, this is a longer-term engagement focused on effective transformation.
Selected projects and solutions
This list gives a quick overview of the topics we are working on (for privacy reasons no customer details are listed).
Qualification of developers in the area of AWS Elastic Beanstalk
- Rapid empowerment of developers in Elastic Beanstalk
- Enhanced workbench to support DevOps issues for development teams
- Running multiple productive applications with hundreds of environments running on Elastic Beanstalk
- Use of Infrastructure as Code (AWS CloudFormation) and advanced customization (.ebextensions)
- CI/CD for rapid deployment with native AWS services
- Advanced security
Container orchestration with Kubernetes
- Design, implementation and operation of EKS clusters for multiple tenants
- Fully automated cluster setup with Infrastructure as Code (Terraform, CloudFormation/EKSCTL).
- Set up and configure CI/CD pipelines for application delivery, fully automated end-to-end process.
- Creation of a customer-specific container orchestration concept with best practices and architecture blueprints
- Help ISV transform current solutions into cloudnative services
- DevOps maturity assessment and enablement through workshops
- PoC to move an application to the cloud
- Application of Serverless Frameworks (serverless.com, SAM) and AWS Cloud-Native Services (Lambda, API Gateway, S3, Secrets Manager, DynamoDB)
- Cost optimization through cloudnative implementation leads to significant cost reduction compared to traditional instance-based solutions
Serverless application for secure password exchange (OTP)
- Developing a secure password sharing portal with AWS cloudnative services.
- Serverless application with AWS Lambda, API Gateway, DynamoDB, S3, KMS
- Step 1:
The client connects to the application, which is a static S3 website behind CloudFront.
- Step 2:
The client sends the secret text in a secure way to a Lambda function running behind an API gateway.
- Step 3:
The lambda function generates a random key to encrypt the ciphertext.
Afterwards, the encrypted secret is stored in a dynamo DB.
- Step 4:
The ID of the encrypted content is merged with the encryption key (KEY) and both are encrypted again with a KMS key.
The resulting data is sent back to the original client.
- Step 5:
The recipient of the secret link sends the encrypted data to the backend. The Lambda function uses the same KMS key to decrypt this data and extract the secret ID and KEY with which it was originally encrypted.
Note that this KEY is never stored in the backend, so even direct access to the Dynamo DB table is useless.
The retrieved data is decrypted and sent to the client again via HTTPS.