
This blog series focuses on presenting complex DevOps projects as simple and approachable via plain language and lots of pictures. We eventually wrote out our pipelines in YAML, and now manage them via pull requests in a git repo.

Once this secret is created, you'd log in to the AWS console by hand and populate it.

So let's do that: we also want to permit this requesting IAM role to access the Hub's secret and the KMS CMK it is encrypted with.
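An offline check that both Hub-side grants described above are present for the requesting role, written as an added example and not code from the original post. The role names, account IDs and helper names are constructed placeholders, and the check is deliberately strict (explicit role principal only; Deny and Condition are not evaluated).

```python
# Added example. All ARNs and account IDs are constructed placeholders.
SPOKE_ROLE = "arn:aws:iam::222222222222:role/ExampleSpokeBuilderRole"
HUB_ADMIN = "arn:aws:iam::111111111111:role/ExampleHubAdminRole"

def _as_list(value):
    return value if isinstance(value, list) else [value]

def role_allowed(policy, role_arn, action):
    """True if an Allow statement names role_arn explicitly and covers action.

    Strict on purpose: wildcard and account-root principals do not count.
    Deny statements and Condition blocks are not evaluated.
    """
    service = action.split(":")[0]
    for stmt in _as_list(policy.get("Statement", [])):
        principal = stmt.get("Principal")
        if stmt.get("Effect") != "Allow" or not isinstance(principal, dict):
            continue
        actions = _as_list(stmt.get("Action", []))
        if role_arn in _as_list(principal.get("AWS", [])) and (
            action in actions or f"{service}:*" in actions
        ):
            return True
    return False

def missing_grants(secret_policy, key_policy, role_arn):
    """List the Hub-side grants the requesting role still lacks."""
    needed = [
        ("secret resource policy", secret_policy, "secretsmanager:GetSecretValue"),
        ("KMS key policy", key_policy, "kms:Decrypt"),
    ]
    return [f"{where}: {action}" for where, policy, action in needed
            if not role_allowed(policy, role_arn, action)]

def allow(principal_arn, actions):
    """Build one Allow statement (helper for the constructed sample data)."""
    return {"Effect": "Allow", "Principal": {"AWS": principal_arn},
            "Action": actions, "Resource": "*"}

# Constructed sample: the secret is shared, but the key policy was forgotten.
SECRET_POLICY = {"Version": "2012-10-17",
                 "Statement": [allow(SPOKE_ROLE, "secretsmanager:GetSecretValue")]}
KEY_POLICY_BEFORE = {"Version": "2012-10-17",
                     "Statement": [allow(HUB_ADMIN, "kms:*")]}
KEY_POLICY_AFTER = {"Version": "2012-10-17",
                    "Statement": [allow(HUB_ADMIN, "kms:*"),
                                  allow(SPOKE_ROLE, ["kms:Decrypt", "kms:DescribeKey"])]}

if __name__ == "__main__":
    print(missing_grants(SECRET_POLICY, KEY_POLICY_BEFORE, SPOKE_ROLE))
    print(missing_grants(SECRET_POLICY, KEY_POLICY_AFTER, SPOKE_ROLE))
```

This only inspects the Hub side; for cross-account access the requesting role also needs matching Allow statements in its own identity policy.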

Now that this is in place, you should have n Spoke accounts running their own builders, each automatically polling your Hub account for new images at least once a day. If the image is set to die after one run (which we do, and recommend!), then it'll grab the image after running each job.
