Back To Schedule
Tuesday, November 10 • 12:50pm - 1:05pm
Delivering Golden AMIs with Spinnaker

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
This panel will ultimately show you how to use Spinnaker to build a GoldenAMI pipeline. The accompanying use case is: often times, teams need approved AMIs that meet the security assessment standards. The typical process is to have all the AMIs baked and then deployed into instances with Spinnaker, then out of band, to run some sort of security assessment tool against those instances. The issue with this, is that the instances are already deployed, meaning that the time spent on spin-up is wasted. The assessment, depending on the 3rd party solution, is also going to take much longer as the runtime scales with the number of instances/agents it must evaluate. And finally, this process it decoupled from Spinnaker itself. The solution I want to show you is that we can use web-hook stages within Spinnaker, invoke AWS Lambda Function/API Gateway/AWS Inspector to run these assessments on a GoldenAMI candidate. Once the assessment is complete and approved manually, the AMI can continue down the pipeline and into a GoldenAMI approved environment, for instances to utilize. This will all be ran through one single pipeline execution within Spinnaker.

avatar for David Hurng

David Hurng

Senior Site Reliability Engineer, Salesforce Einstein
I am a senior SRE at Salesforce Einstein. Einstein is our AI platform for Salesforce and my team builds the architecture/infrastructure for many of the services that make up Einstein. One of the major projects I am currently driving is the adoption of Spinnaker. Spinnaker as we all... Read More →

Tuesday November 10, 2020 12:50pm - 1:05pm PST