Skip to main content
Blog

Building Robust Cloud Infrastructure

As more and more focus shifts to the cloud, and more importantly the scale of these efforts increase, it becomes increasingly complex to manage and deploy these infrastructures. Terraform has always been a great tool to manage these configurations and remain as cloud-agnostic as possible. One issue with terraform however has been how to architect the code and manage the infrastructure config as things get more complex. Tools like Terragrunt have been able to step in and fill some gaps, but still leave a bit to be desired.

We collaborated with AWS and their Cloud Development Kit (CDK) team to support this new project leveraging two key components of the AWS CDK: a set of language native frameworks for defining infrastructure and adaptors to an underlying provisioning tool. Using these libraries, the AWS CDK generates CloudFormation configuration. Similarly, the CDK for Terraform generates Terraform configuration to enable provisioning with Terraform. The adaptor works with any existing provider and modules hosted in the Terraform Registry. The core Terraform workflow remains the same, with the ability to plan changes before applying.

CDK for Terraform: Enabling Python & TypeScript Support (hashicorp.com)

Static analysis is an incredibly powerful tool for code quality and has had a major impact on the security of applications. But what is it? In the most simple of terms, it’s the analysis of the source code of an application. It studies each of the possible routes through an application from inputs to outputs and looks for issues. Issues can range from mallocs without frees, circular references, unchecked inputs being used to create SQL statements, into system calls or buffer overflows. It’s actually a lot more complicated and this wikipedia page has a good breakdown if you’re interested.

Within the Android and iOS world, static analysis is one of the checks that every app goes through when it’s submitted to the Play Store or the App Store and for good reason; it helps make sure that the code submitted is of reasonable standard.

Blog

Building Robust Cloud Infrastructure

As more and more focus shifts to the cloud, and more importantly the scale of these efforts increase, it becomes increasingly complex to manage and deploy these infrastructures. Terraform has always been a great tool to manage these configurations and remain as cloud-agnostic as possible. One issue with terraform however has been how to architect the code and manage the infrastructure config as things get more complex. Tools like Terragrunt have been able to step in and fill some gaps, but still leave a bit to be desired.

We collaborated with AWS and their Cloud Development Kit (CDK) team to support this new project leveraging two key components of the AWS CDK: a set of language native frameworks for defining infrastructure and adaptors to an underlying provisioning tool. Using these libraries, the AWS CDK generates CloudFormation configuration. Similarly, the CDK for Terraform generates Terraform configuration to enable provisioning with Terraform. The adaptor works with any existing provider and modules hosted in the Terraform Registry. The core Terraform workflow remains the same, with the ability to plan changes before applying.

CDK for Terraform: Enabling Python & TypeScript Support (hashicorp.com)

Static analysis is an incredibly powerful tool for code quality and has had a major impact on the security of applications. But what is it? In the most simple of terms, it’s the analysis of the source code of an application. It studies each of the possible routes through an application from inputs to outputs and looks for issues. Issues can range from mallocs without frees, circular references, unchecked inputs being used to create SQL statements, into system calls or buffer overflows. It’s actually a lot more complicated and this wikipedia page has a good breakdown if you’re interested.

Within the Android and iOS world, static analysis is one of the checks that every app goes through when it’s submitted to the Play Store or the App Store and for good reason; it helps make sure that the code submitted is of reasonable standard.

Subscribe to our Newsletter