by Stephen Kuenzli | Feb 5, 2020 | AWS, Cloud, DevOps, Risk, Security, Systems
Cloud deployments often use tagging to describe the context of a compute or resource such as a who owns or what application a virtual machine or object storage bucket belongs to. However, the common resource tagging models in use don’t describe the context... 
by Stephen Kuenzli | Jan 27, 2020 | Cloud, DevOps, Security
Shift Left, Photo by Nick Fewings I hit an obstacle on my way to extending the common resource tagging models with context to describe security and risk attributes. I couldn’t get past that while I feel this should be a settled engineering practice, it... by Stephen Kuenzli | Jan 15, 2020 | AWS, Cloud, DevOps, Security
I’m researching how engineers assess the security posture of their Cloud deployments and evaluate risk to those deployments so they can improve it. Reading Time: 10 minutes The research starts with these questions: What’s the hardest part about assessing... 
by Stephen Kuenzli | Jan 8, 2020 | AWS, Cloud, DevOps, Infrastructure As Code, Strategy
When I architected my SaaS’ deployment platform and delivery pipeline, I specifically sought to: maximize Aspects of a High Performance Software Delivery Processminimize components and platforms and offload as much undifferentiated, heavy lifting to focus my... 
by Stephen Kuenzli | Jan 6, 2020 | DevOps, Infrastructure As Code, Strategy
To escape The DevOps Organization Build Trap, I suggested that you minimize the distinct sets of components your organization uses to deliver and operate software. Those components represent a dependency tree and are integrated, enhanced, and worked-around by your... 
by Stephen Kuenzli | Jan 2, 2020 | DevOps
Fireworks by Roven Images Happy New Year! Many of you have freshly resolved to be more agile, adopt DevOps, or ramp-up your software delivery improvement efforts. The NoDrama Agile and DevOps theme page will help you accomplish these resolutions by: building a solid... 