AWS Security Workshop

This workshop, we will understand the different security methods we can implement with AWS services.

In this case, we will deploy a react app “ip calculator.”

Deploy or Cloudformation

To deploy our CF, we will need an AWS account. In addition, you need to fork the GitHub repository.

In the Cloudformation.yaml file, we will find the file to deploy.

Remember that it is necessary to generate a token in GitHub and replace the repository owner and the branch.

The «CodeBuildProjectName» Is going to be a random name for de cobuild pipeline.

When complete, it will display the URL of the application.

Secure Our Code

SonarCloud provides features like automatic static code analysis, vulnerability detection, and secret management.

It includes integration with IDEs through the SonarLint extension, enabling developers to identify and fix issues in real time.

We need a free SonarCloud account.

Let’s add one more step to the pipeline to scan our code; on the repo, you are going to find the buildspec to add to codebuild sonarcloud_buildspec

Additionally, you are going to add variables to codebuild:

  • ORGANIZATION
  • PROJECTKEY
  • SONAR_TOKEN

Integrate WAF to CloudFront

We will add WAF to Cloudfront using the UI and force https traffic.

Facebook
Twitter
LinkedIn
Pinterest
Tumblr
×