Three Security Highlights For Terraform on AWS

So, you want to build your infrastructure in AWS and use Terraform for your Infrastructure as Code? And you want to do it securely? In this blog we highlight three things you should pay attention to from a security perspective: your IAM roles and trust relationships, your Terraform state, and your detection & monitoring. Of course, each of these topics deserve their own in-depth blog, but we’ll start highlighting three key touchpoints.

HashiCorp Terraform and AWS logos
HashiCorp Terraform & AWS
Read more →

Easy lambdas with Netlify

Over the past years I’ve tried working with lambda functions on and off a couple of times. Each time I got stuck, either clicking in AWS UIs or writing YAML files.

Netlify changes all that by making lambdas easy to use. Below I’ll describe the basics of deploying a function, and I’ll show how the development tools support local development.

The most basic hello world example I could come up with can be found in this repo, tagged basic-javascript-lambda. There’s a simple index.html file (a left over from earlier experiments), and a hallo.js file in src/functions. That’s almost al there is to it, but it needs one specific bit of configuration in a file named netlify.toml, located in the root of the repository.

More

Thoughts on organizing architecture

When being part of an enterprise, you will meet different architects on any given day. The first one introduces itself as a solution architect, the other calls itself the enterprise architect, and they both mention a domain architect. It might feel like different names for the same thing, and perhaps even a bigger question, do we even need all of these different architects? Should the team not be able to make all of these architectural decisions by themselves?

Read more →

Mommy, What is Software Quality?

So, what is software quality anyways? Let’s shed some light on some schools of thought.

Three Perspectives on Quality

Conformance to specifications

Suppose we have a predefined list of requirements for a product, and all of these requirements are verified and validated throughout the process of constructing that product. When we are approaching a release, we can simply demonstrate the green check marks as the results of the verification and validation activities and be happy. We see this happening all over the place in certification-oriented businesses, but also e.g. in road construction works. It has to do with regulations and with compliance. This is the way space shuttles are built.

Read the full blog here, and find out the Three Perspectives on (Software) Quality

EventStorming as a cultural assessment

We are on a quest…

As consultants, we are not only challenged by the technical challenges our customers face, but also how it affects the organisational structures and the culture. Based on our experiences, EventStorming is a great technique to expose the underlying cultural aspects of an organisation, while focusing on the value streams and technology. In this post, we are sharing what we have learned, by giving examples from our experiences that hopefully inspire you to use EventStorming as a cultural assessment.

Read more →

Organizational sensing: why indicators are not enough

The world around us is changing quickly. Organizations need to rapidly respond to a changing world. In a knowledge intensive world, pressured by hypercompetition, new forms of organization are required to keep up. Especially around the topic of enabling value delivery, organisations need to balance the paradox of steering. Either steering via management (coordination) or empower teams to organise themselves. John Child in his book Organizations describes the concepts of integration and coordination, mechanisms to enable delivery of value.

Read more →

A/B Testing with Netlify

While browsing the Netlify configuration site for my account (in a more or less panicky attempt to find some config item I’d lost track of), I stumbled on an option named split testing. I know this concept as A/B testing, where you try out different versions or options of a site and check analytics to find out which version yields the highest revenue. Netlify tags this option as beta, but at the time of writing I’m pretty happy with its performance. Below is a short introduction on how to use the split testing feature.

More…

Unlimited versions of your site with Netlify

Remember when we used to have a production, acceptance testing, integration and development version of a site? And that we struggled to get an extra environment from IT just so our customers could test our work?

Those days are over. Below I’ll show how to set up deploys for every branch. Or every commit. And how to have all of those versions available at the same time. The enabling technology is Netlify.

This post will show how to deploy a site on Netlify, based on a GitHub repository. And the killer feature: each single commit can be deployed to a unique URL with no extra effort at all. This facilitates fast and easy feedback from our clients on the products we build.

more…