The Importance of Encryption

The Importance of Encryption

The use of multiple security strategies to protect sensitive data and personal information is a key element of data protection for any business. Not only does a comprehensive strategy help meet compliance requirements, but it also prevents the acquisition of information by unauthorized users outside of the organization. Encryption is a sophisticated way to add a layer of protection to business operations that should be included in any data security strategy.

What is encryption, and how does it work?

Encryption uses an algorithm to scramble, or encrypt, data and then uses a key for the receiving party to unscramble, or decrypt, the information. The message contained in an encrypted message is referred to as plaintext. In its encrypted, unreadable form it is referred to as ciphertext. There are many types of algorithms, which all involve different ways of scrambling and then decrypting information.

Choosing an encryption solution

For businesses looking to implement encryption to increase the level of security around data, there are several potential concerns to consider, including:

• How are encryption keys managed? Are they secured so that they can’t be accessed by unauthorized users?

• Is encryption authorization controlled independently from access to the underlying data?

• Does the encryption algorithm produce strong ciphertexts that are difficult to decrypt?

• Is a third-party solution affordable, easy to implement, and user friendly?

Encrypting data at rest and in motion

It’s important to ensure proper encryption of data both at rest and in motion. Data at rest is commonly encrypted using an industry-standard AES-256 encryption. For data in motion between your AWS workload and users, data-centers, or on-premise, the Transport Layer Security (TLS) protocol is recommended.

To learn more about the importance of encryption and how it can protect your data, please visit the Cloudnexa website, or dig deeper with The importance of encryption and how AWS can help from AWS.

Rename and relaunch of vNOC as Cloudscan

Meet Cloudscan: The vNOC Platform Is Now Upgraded and Improved

As a longtime Amazon partner since 2008, the minds behind the vNOC Management platform have the experience and knowledge to create tools that power cloud-based solutions for businesses big and small. With time, experience, and the addition of new technologies, the time for the vNOC platform to change came naturally over the years. Guided by the desire to offer a fully scalable and flexible service, the team behind vNOC worked to improve the current tools offered to provide clients with even more functionality.

Now, the VNOC management platform has been upgraded and rebranded to offer even more functionality for businesses seeking to operate at maximum efficiency. The new service has upgraded features and a brand new name that embodies the usefulness of the platform: Cloudscan.

What Is Cloudscan?

Cloudscan is a platform for AWS users who want to optimize cloud usage and performance continuously. The updated tool can perform automatic audits to ensure that your Amazon Web Service (AWS) accounts are performing optimally, but there is so much more to the service that makes it a must-have for both new and established companies. Some of the ways Cloudscan can help guide your business include:

  • monitoring for potential security issues across multiple accounts
  • guiding the provisioning of resources
  • performing deep dives that illuminate the reasons for infrastructure issues
  • providing near real-time guidance for cloud-based design
  • assess compliance for industries with governing regulations, such as finance and health care

Cloudscan begins identifying your business and security needs from day one of use by offering actionable feedback that can be addressed quickly to improve a business’ infrastructure.

Navigating the cloud can be challenging for businesses with limited experience in this realm. With more than 300 checks performed daily, Cloudscan is real-world tested and used by many businesses to power enterprises from every industry. Access to the platform is included for Amazon web services members. To find out more, visit the Cloudscan website today.

Welcome to the New Cloudnexa.com

Cloudnexa has been an AWS Partner for more than a decade — we were among the very first AWS Partners! We’re proud of our history in developing novel tools and services that have empowered the businesses and organizations we work with to take full advantage of everything the cloud has to offer.

As the next step in our innovative history, we are pleased to announce the launch of our refreshed and updated website, with the very latest information on the full set of services and features we have to offer.

Our AWS Cloud Services are unparalleled and as flexible and scalable as your specific needs require. If you’re new to AWS, we can assist your business with design and architectural consulting, modification and optimization of your infrastructure, and cloud migration strategies customized to your unique needs.

If you’re already established with AWS, we can assist your business with AWS service modernization and account optimization, as well as environment restructure & rebuild. Additionally, we can help ensure compliance across the financial and healthcare industries, as well as the public sector.

Unlike many compliance solutions that only cover risk assessment, Cloudnexa covers every aspect of ensuring your organization meets and maintains compliance standards with a complete, bundled compliance solution, customized to your specific needs.

With our suite of AWS Managed Solutions, we can develop a strategy that’s catered to your specific business process. Our continuous account review process is an all-inclusive strategy that outlines your cloud deployments during every stage. Deploy your next-gen development projects by harnessing the latest developments in DevOps, AI, machine learning, and data sciences.

The team at AWS will ensure you meet security, regulatory, and other compliance needs across healthcare, governmental, financial service organizations, and more. We perform AWS Well-Architected Framework (WAF) Compliance reviews, which will provide action items that can be enacted immediately to help your infrastructure align with AWS best practices. This process results in a faster, less expensive, more efficient and secure infrastructure.

As one of the original AWS partners, we’ve grown and evolved with the cloud services we deliver to our customers. As an AWS Premier Partner we continue to grow, innovate, and adapt to bring transformational power to all of our clients. From large, multinational organizations that may need to adapt to become more agile and responsive to small businesses ready to become industry leaders. Cloudnexa is ready and able to help you meet the challenges and opportunities you face, no matter what they might be.

Learn what Cloudnexa can do for you — check out our relaunched and refreshed site, with up-to-the-minute information on all of the ways we can help you and your organization make the most of the cloud. For more information about us or our services, click on our about page, or contact us today with any questions you might have.

Deploy Your Application using AWS Amplify

The last step in almost any software project is deploying your application to end users. If you ever deployed an application before, you know it can be tedious and time-consuming. Luckily by using AWS Amplify, we can streamline this process.

In a previous post, we built a Gatsby blog. I’ll be using this codebase for deployment.

Install Amplify

To get started, we need to install the amplify CLI:

npm install -g @aws-amplify/cli

Configure Amplify

run:

amplify configure

NOTE: this will open your default browser and ask you to log in to your AWS administrator account.

Once authenticated, pick your region:

Set your username: hot-new-blog-amplify

NOTE: this will open your default browser to this page, click the Next: Permissions button:

Next, you’ll see a page like:

You can click the Next: Tags button.

Next:

Click the Next: Review button.

Next:

Click create user.

Next:

Copy the Access key and Secret key. You’ll need to paste these into the terminal for the next step.

Paste in your access key:

Paste in your secret key:

Give your new profile a valid name: blog-amplify:

Initialize Amplify for our project

Next we will setup amplify for our specific project. We will deploy our Gatsby blog using CloudFront and S3.

first run:

amplify init

use these defaults:

In a few moments, you should see:

Add hosting to our Amplify project

We’re almost there. This is the last step before we have a production-ready blog!

Let’s add hosting to our project:

amplify hosting add

Select these options:

Next, run:

amplify publish

NOTE: this step can take 10-15 minutes to complete.

In the background, AWS amplify is using CloudFormation to build out our infrastructure. If you’re curious to see what the template looks like you can browse: amplify/backend/hosting/S3AndCloudFront/template.json

At this point, you should be presented with your production url:

Congrats. You have successfully deployed your blog!

This url is pretty ugly. You’ll probably want to add a CNAME record in your DNS registrar.

Using AWS CodeBuild and CodePipeline for Easy Continuous Integration

In a previous post, we setup a Gatsby blog and pushed the codebase to AWS CodeCommit.

This post will primarily focus on adding test coverage to our codebase and integrating AWS CodeBuild and CodePipeline for continuous integration.

Let’s get started.

What exactly is AWS CodeBuild?

AWS CodeBuild is a fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy. With CodeBuild, you don’t need to provision, manage, and scale your own build servers. CodeBuild scales continuously and processes multiple builds concurrently, so your builds are not left waiting in a queue. You can get started quickly by using prepackaged build environments, or you can create custom build environments that use your own build tools. With CodeBuild, you are charged by the minute for the compute resources you use.

what exactly is AWS CodePipeline?

AWS CodePipeline is a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates. CodePipeline automates the build, test, and deploy phases of your release process every time there is a code change, based on the release model you define. This enables you to rapidly and reliably deliver features and updates. You can easily integrate AWS CodePipeline with third-party services such as GitHub or with your own custom plugin. With AWS CodePipeline, you only pay for what you use. There are no upfront fees or long-term commitments.

Our goal — run our test suite after every commit to the master branch of our remote repository.

Add Test Coverage

add Jest

First, let’s install Jest:

npm i -G jest

Lets test the CLI is working correctly:

jest --version

you should see the version number:

configure Jest for Gatsby

Please refer to the Jest configuration setup from Gatsby

once you completed the setup, you should have these files:

  • __mocks__/file-mock.js
  • __mocks__/gatsby.js
  • jest-preprocess.js
  • jest.config.js
  • loadershim.js

add our first test

cd src/pages
touch index.test.js

inside src/pages/index.test.js, paste:

import React from "react"
import renderer from "react-test-renderer"
import { useStaticQuery } from "gatsby"
import BlogIndex from "./index"

beforeEach(() => {
  useStaticQuery.mockImplementation(() =>
    ({
      avatar: {
        childImageSharp: {
          fixed: {
            base64: "data:image/jpeg;base64,/9j/2wBDABALDA4MChAODQ4SERATGCgaGBYWGDEjJR0oOjM9PDkzODdASFxOQERXRTc4UG1RV19iZ2hnPk1xeXBkeFxlZ2P/2wBDARESEhgVGC8aGi9jQjhCY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2P/wgARCAAUABQDASIAAhEBAxEB/8QAGQABAQADAQAAAAAAAAAAAAAAAAUBAgME/8QAFwEBAQEBAAAAAAAAAAAAAAAAAgEAA//aAAwDAQACEAMQAAABtTuWpVlGTeDJ0HAG/wD/xAAbEAACAgMBAAAAAAAAAAAAAAABAgMTABEjJP/aAAgBAQABBQJzpYGe3LyGZxGLsY+mY8Yzof/EABgRAAIDAAAAAAAAAAAAAAAAAAABEBIh/9oACAEDAQE/AcKjj//EABkRAAEFAAAAAAAAAAAAAAAAAAABEBIhMf/aAAgBAgEBPwGyQmN//8QAIBAAAQIFBQAAAAAAAAAAAAAAAQARAgMQEiExQWGBkf/aAAgBAQAGPwItqmMdwNLT4n2JbCwQU/Kl90//xAAaEAEAAwEBAQAAAAAAAAAAAAABABEhMUFR/9oACAEBAAE/IUVXGRfSl5yZEWkVrGwnd6EDTA+sdXqEbIVcO+k//9oADAMBAAIAAwAAABD76AH/xAAZEQACAwEAAAAAAAAAAAAAAAAAAREhMVH/2gAIAQMBAT8QhKbI9NMWH//EABkRAAIDAQAAAAAAAAAAAAAAAAABEBEhUf/aAAgBAgEBPxBNtovyBrT/xAAeEAEBAQACAQUAAAAAAAAAAAABEQAhMUFRYXGBkf/aAAgBAQABPxClwdnV04hQo4lO/wAzyyjjEGw+cZbkILxecbfXBH7zaeBntAmta2n5uEBbXZ4N/9k=",
            height: 50,
            src: "/static/4f27694bd7811d13157e5e488ad64f43/9b664/profile-pic.jpg",
            srcSet: "/static/4f27694bd7811d13157e5e488ad64f43/9b664/profile-pic.jpg 1x,↵/static/4f27694bd7811d13157e5e488ad64f43/06a10/profile-pic.jpg 1.5x,↵/static/4f27694bd7811d13157e5e488ad64f43/f1b5a/profile-pic.jpg 2x",
            width: 50
          }
        }
      },
      site: {
        siteMetadata: {
          title: `Default Starter`,
          description: 'test',
          author: 'Frank',
          social: {
            twitter: 'fjhancock',
          }
        },
      },
    })
  )
})

describe("BlogIndex", () => {
  it("renders correctly", () => {
    const data = {
      site: {
        siteMetadata: {
          author: "Your name",
        },
      },
      allMarkdownRemark: {
        edges: [
          {
            node: {
              excerpt: "Awesome new content goes here…",
              fields: {
                slug: "/my-first-post/"
              },
              frontmatter: {
                date: "August 29, 2019",
                title: "My First Post",
                description: null
              }
            }
          },
        ]
      }
    }
    const tree = renderer.create(<BlogIndex data={data} location={{ pathname: '/' }} />).toJSON()
    expect(tree).toMatchSnapshot()
  })
})

Save the file. Now lets run Jest:

jest

We should now have a passing test suite!

commit our changes

git add -A
git commit -m 'setup jest, added first test'
git push origin master

Update our codebase for CodeBuild

create a buildspec.yml in the root of the repo:

version: 0.2

env:
  variables:
    NODE_ENV: "development"

phases:
  install:
    runtime-versions:
      nodejs: 10
    commands:
      - npm install -g jest
      - npm install -g gatsby

  pre_build:
    commands:
      - npm install

  build:
    commands:
      - gatsby build
      - npm run test:ci

cache:
  paths:
    - './node_modules/**/*'

add a new script to package.json:

commit our changes

git add -A
git commit -m 'added buildspec for codebuild'
git push origin master

Configure AWS CodeBuild

We need to create a build project — which we then can include in our pipeline.

You should now see your new build project listed.

Let’s add a trigger to automate our builds.

Configure AWS CodePipeline

After a few minutes, we should see the pipeline successfully run:

If we dig into the logs of codebuild, we can see that our test suite has successfully passed:

At this stage, we have successfully created a continuous integration pipeline, using AWS CodeCommit, CodeBuild and CodePipeline!

In a later post, I will show you have to deploy your Gatsby blog using AWS Amplify.

How to Build a Gatsby Blog

A few months ago, we had the opportunity to migrate cloudnexa.com to Gatsby. We were unhappy with our current WordPress implementation — and Gatsby fit well with our current tooling and frameworks — so we took the plunge.

After a few quirks and gotchas, we successfully relaunched. I decided to share our experience below.

Create our Gatsby Blog

In case you haven’t heard of Gatsby, it’s a React static-site generator.

Gatsby allows you to pull data from anywhere — APIs, Markdown, CSV, JSON, other CMSs, etc. All of these sources are queried using GraphQL.

To keep it simple, we will use Markdown to write our blog posts. However, you can always use a headless CMS such as Contentful like we did for cloudnexa.com.

Let’s get started.

Prerequisites

We’ll also need to install the Gatsby CLI on our local development machine:

npm install -g gatsby-cli

Generate a Starter Blog using Gatsby

Gatbsy offers several templates called “starters” used to quickly spin up your projects and all the necessary tooling to get started. You can find several starter examples here.

For our purposes we’ll be using the gatsby-starter-blog

gatsby new hot-new-blog https://github.com/gatsbyjs/gatsby-starter-blog

Start the Gatsby development server:

cd hot-new-blog
gatsby develop

Result:

You can now access your starter blog from your web browser at: http://localhost:8000/.

Hopefully you see something similar to this:

NOTE: Be sure to keep the development server running while you’re working ‼️

Create our first blog post

As you can see from above, our initial build created some dummy posts. You can delete them if you want, or simply ignore them.

To create your first real post, open up another terminal window and change directories until you reach the root of hot-new-blog.

Then run:

cd content/blog
mkdir my-first-post
cd my-first-post
touch index.md

Inside my-first-post.md, paste this in:

---
title: My First Post
date: "2019-08-29T22:12:03.284Z"
---

Awesome new content goes here...

💡NOTE: you will probably want to update the date value in the frontmatter section.

Save the file — you should now see something like this:

Click on the title link — and now you should see:

🎉 Congratulations. You’ve created a Gatsby blog with your first post!

NOTE: you should update all references of Kyle in the code — not that he’s a bad guy — but it is YOUR blog 😃

Add git for version control

Now that we have a working codebase, let’s commit it to AWS CodeCommit.

Sign into your AWS console (you should already have an aws account if you dont you can setup an AWS account here.)

Then navigate to the AWS CodeCommit service:

Create a new repository:

Follow the instructions in CodeCommit to setup your SSH user. This will require creating IAM user and configuring your SSH keys.

Now to commit and push your codebase:

git add -A
git commit -m "setup gatsby, added first blog post"
git remote add origin ssh://git-codecommit.us-east-1.amazonaws.com/v1/repos/hot-new-blog
git push --set-upstream origin master

You should now see your new repository in CodeCommit:

In the next article, I will discuss how to test your blog using Jest — and setup AWS CodeBuild for continuous integration.

  • Cloudnexa Facebook URL
  • Cloudnexa Twitter URL
  • Cloudnexa Instagram URL
icon