Spinnaker Summit 2020

This panel will ultimately show you how to use Spinnaker to build a GoldenAMI pipeline. The accompanying use case is: often times, teams need approved AMIs that meet the security assessment standards. The typical process is to have all the AMIs baked and then deployed into instances with Spinnaker, then out of band, to run some sort of security assessment tool against those instances. The issue with this, is that the instances are already deployed, meaning that the time spent on spin-up is wasted. The assessment, depending on the 3rd party solution, is also going to take much longer as the runtime scales with the number of instances/agents it must evaluate. And finally, this process it decoupled from Spinnaker itself. The solution I want to show you is that we can use web-hook stages within Spinnaker, invoke AWS Lambda Function/API Gateway/AWS Inspector to run these assessments on a GoldenAMI candidate. Once the assessment is complete and approved manually, the AMI can continue down the pipeline and into a GoldenAMI approved environment, for instances to utilize. This will all be ran through one single pipeline execution within Spinnaker.