A continuous security pipeline demo for the AWS DevSecOps Workshop.
Before you get started, there's a couple things you're going to need to prepare.
We recommend using a new AWS account for the workshop environment. You can also use an existing account, but make sure the account has no existing resources created. Some of the security checks executed by this workshop may discover resources that are not configured to best practices and fail your pipeline.
This repository contains some scripts to stand up a Jenkins in AWS pre-configured to execute this pipeline.
One-button launch of the workshop environment:
To launch from the AWS Console, use the following CloudFormation template:
provisioning/cloudformation/templates/workshop-jenkins.json
To launch from the CLI, see this example:
aws cloudformation create-stack \
--stack-name AWS-DEVSECOPS-WORKSHOP-JENKINS \
--template-body https://s3.amazonaws.com/aws-devsecops-workshop/workshop-jenkins.json \
--region us-east-1 \
--disable-rollback \
--capabilities="CAPABILITY_NAMED_IAM" \
--parameters ParameterKey=InstanceType,ParameterValue=t2.micro \
ParameterKey=WorldCIDR,ParameterValue=0.0.0.0/0
To launch from your terminal, see this example:
$ bundle install
$ rake jenkins:create
See docs/development.md
for more details about the ruby/rake tasks.
The initial admin user to jenkins is preconfigured, the credentials are below.
It is highly recommended that you change the password to your workshop jenkins after creation.
- User:
workshop
- Password:
Fancy$Treasury!Effective!Throw^6
You'll need to create a jenkins credential set to access private repositories in Jenkins.