DEVOPS WEEKLY
ISSUE #545 - 6th June 2021

Health on-call culture, usable monitoring dashboards, AWS security boundaries, technical posts on ProtoBuf performance, container build toolchains and more.


StackHawk sponsors Devops Weekly
============================

StackHawk is helping One Medical equip developers with automated security testing and self-service remediations. See how:

http://sthwk.com/one-medical


News
====

An excellent post on building a healthy on-call culture for developers. Lots of concrete advice, centered on respecting engineers and their time.

https://developers.soundcloud.com/blog/building-a-healthy-on-call-culture


ProtoBuf API v2 has some large performance implications. This post is a good primer, as well as a look at how one project solved the problem with a project-specific code generator.

https://vitess.io/blog/2021-06-03-a-new-protobuf-generator-for-go/


Is an AWS account a security boundary? This post digs into the details, showing a large number of ways services cross accounts.

https://matthewdf10.medium.com/aws-accounts-as-security-boundaries-97-ways-data-can-be-shared-across-accounts-b933ce9c837e


Moving from a monolithic architecture to one based on many services often means having to distribute authorization. This post explores how one organization used humeji.

https://medium.com/airbnb-engineering/himeji-a-scalable-centralized-system-for-authorization-at-airbnb-341664924574


Some useful tips for building usable monitoring dashboards.

https://dmoldovan.medium.com/monitoring-how-to-build-your-monitoring-dashboards-e11f89918dd1


A post on the benefits of being able to repave a datacenter, including tips on how to get started.

https://rackn.com/2021/06/03/is-repaving-data-centers-the-way-to-better-roi/


A look at a toolchain for building and publishing container images, using GitHub Actions and ECR. It’s a good example of the trade off between complexity and secure tool chains with current tooling.

https://www.davehall.com.au/blog/2021/05/31/rube-goldberg-machine-container-workflows/


Tools
=====

Managing tags for cloud resources is critical but also a pretty thankless task. Yor is a new tool to help, that integrates with infrastructure as code and is intended for use in a CI pipeline.

https://github.com/bridgecrewio/yor
https://bridgecrew.io/blog/announcing-yor-open-source-iac-tag-trace-cloud-resources/



If you received this email directly then you're already signed up, thanks! If however someone forwarded this email to you and you'd like to get it each week then you can subscribe at http://devopsweekly.com

--

You opted in for Devops Weekly at http://devopsweekly.com

You can always unsubscribe by visiting https://devopsweekly.us2.list-manage.com/unsubscribe?u=b6635e37e35fa5eff0c2a947a&id=a63f24d068&e=[UNIQID]&c=a956290ff0

If you have other queries you can contact the list maintainer at gareth@morethanseven.net

Our mailing address is 43 Gwydir Street, Cambridge, UK, CB1 2LG