Lacework, CodePipeline, CodeBuild, CodeGuru, ECR & EKS in CloudFormation

The Lacework, CodePipeline, CodeBuild, ECR & EKS resources for our CI/CD pipeline are provisioned using CloudFormation. We will review these CloudFormation templates.

  1. Go to https://github.com/lacework-alliances/aws-immersion-day-code in your browser.
  2. Go to the templates directory and view the setup-pipelines.template.yml. This CloudFormation template provisions CodePipeline, CodeBuild & ECR resources.
  3. CodeBuild requires buildspec files. Go to the app directory and view the codebuild-scan-push.yaml and codebuild-deploy-eks.yaml files. codebuild-scan-push.yaml has the commands to perform a docker build, Lacework image vulnerability scan and docker push to ECR. codebuild-deploy-eks.yaml deploys the container to the EKS cluster.
  4. Go to the templates directory and view the setup-bastion-eks.template.yml. This CloudFormation template provisions our EKS cluster with the Lacework agent for runtime protection.

These templates have already been executed in your AWS environment. We can now view these resources in your AWS console.