As the pace of progress within existing markets increases year on year, there are both new opportunities and substantial challenges for the successful and established companies across many industries. One of the key pathways through this modern landscape is often summed up in the all-encompassing term ‘Digital Transformation’. The definition varies depending on who you ask, but broadly speaking it is a mix of modernising IT infrastructure and moving to more Agile methodologies: in general, trying to establish a modern software house as part of the business. Large organisations, however, are a myriad of different functionalities, groupings, operational processes, and supplier companies. In the zero-margin world of high automation and digital scaling, where do these supplier companies fit in? And how relevant are their differing business models in providing value to the host business?
If anything defines the business landscape in the modern world over the last few years, it is the increasing sophistication of technology, the ever-quickening pace, complexity, scale of data, and dropping of costs. The power of the tools now available to organisations is incredible. With one click we can add massive data lakes, machine learning, and personal AI assistants, let alone the day-to-day underlying traditional compute uses we are more familiar with. What also seems clear, however, is that in the majority of cases we aren’t able to keep pace with the availability of technologies. Amazon- and Google-scale companies, and others whose businesses are essentially reliant on staying at the front edge of technology, are able to harness the power of new functionality; their survival requires it. But what of the rest of the businesses out there, those whose primary driver is not necessarily technological?
“I’ve got news for Mr. Santayana: we’re doomed to repeat the past no matter what. That’s what it is to be alive.” - Kurt Vonnegut Jr

Whether it’s passwords to access external services, API keys, or other forms of credentials, we not only know that our applications need them, but we also know that in reality they are highly likely to be exposed beyond the security boundaries we define for them. Most commonly the exposure will come from human error: keys committed to a GitHub repository [1,2], incorrect permissions on an S3 bucket [3,4,5], and so on.
Automated Credential Token with Cloudformation Custom Resource Lambdas The automated token template,
Working with credentials within ECS and passing them around is not entirely straightforward. As one way of doing this, this solution bases all environment variable storage in the AWS Parameter Store, then automatically synchronises them with the running tasks in a set of specified ECS clusters and tasks.
This template deploys Elastic Beanstalk into a new VPC, specifically Amazon's VPC architecture Quick Start VPC [100]. The instances are deployed into private subnets and the Application Load Balancer (ALB) into public subnets. A route is created into the service with the format <service_name>.<domain_name>. The template can utilise all of the standard Beanstalk backends: ruby, python, node, docker, ecs, tomcat, go, php, dotnet. AWS Certificate Manager backed HTTPS can be enabled, but this will require an existing MX record in the hosted zone [101]. There are also options to add ElastiCache, among others. In the case of AWS components such as ElastiCache, some standard environment variables are also created, such as REDIS_URL. [Elastic Beanstalk into a new VPC][1]
This post will walk through automating AWS Certificate Manager validation through a Simple Email Service (SES), S3 and Lambda pipeline.
This is the home of the various SaltStack errors and quirks that I come across, just a nice little bucket of frustrations so that I have a quick reference page that is not based on human memory 🙂
Quick bunch of notes on moving data between containers on AWS using RDS. Here we have 2 stacks, each with a container sitting on an EC2 instance. The container is running a simple Rails application connected to the RDS instance specified in the DB_HOST environment variable. There are other shortcut ways to do this but this is the ‘pretty straightforward’ way 🙂
Basically, a RabbitMQ image that uses confd to capture some environment variables to set itself up. All sorts of queues, bindings, vhosts, users, etc. can be set up using this method.