Adam Divall

Walkthrough Guides and Other Useful Information on AWS

Experts Exclusive Interview on the AWS Certified Global Community

2022-10-30 4 min read Interviews Adam Divall

Back in early September, I received a private message from one of the Admins of the AWS Certified Global Community as there team had noticed myself being a champion within the community’s discussions and they wanted to highlight my contributions. They have an ongoing series called Expert’s Exclusive, where they publish an exclusive interview with one of there own experts and they wanted to feature me in the series.

It was quite a nice surprise and was the second time in my career where I’d been interviewed for a publication with the previous interview having been many years ago by Linux Academy who interviewed me regarding my AWS certification journey.

Continue reading

Creating a Multi-Account CI/CD Pipeline with AWS CodePipeline

2022-10-18 16 min read Walkthroughs DevOps Adam Divall

Whenever I’ve tried to learn a particular service or functionality within AWS, I find the best way is to do the ClickOps approach (i.e. Good Old Point and Click in the Console). Once I’ve figured out how to get it working via that method, I then go through the process of trying to automate it through Infrastructure as Code and in my case thats using AWS CloudFormation.

One particular example of this was getting a bit more familiar with AWS CodePipeline so that I could try to automate the delivery of CloudFormation Templates across multiple AWS Accounts in a similar manner as to how you would deploy solutions in a Software Delivery Lifecycle (SDLC). When I was learning how to do this through the management console, I found out that its not possible to do it all within the console and therefore you have to also leverage the AWS CLI for specific parts.

Continue reading

Customising AWS Control Tower with CfCT

2022-09-22 9 min read Walkthroughs Adam Divall

If you missed the previous posts on Deploying a Landing Zone with AWS Control Tower or you’ve not had much experience with the service, I’d recommend going back through and reading those firstly before continuing.

In this post, I’m going to walkthrough how you can start customising Control Tower using the Security Reference Architecture (SRA). The SRA utilises Customisations for Control Tower (CfCT) which deploys a DevOps pipeline that works with CloudFormation templates and Control Tower lifecycle events.

Continue reading

Deploying a Landing Zone with AWS Control Tower - Part 3

2022-09-06 6 min read Walkthroughs Adam Divall

Previously in Part 2 of this Walkthrough, I showed you how to create the organisational structure and enable guardrails within Control Tower.

In this post, I’m going to walkthrough some of the remaining post configuration task including configuring IAM Identity Center and provisioning a new AWS Account through Account Factory.

Configuring IAM Identity Center for Single Sign-On

AWS IAM Identity Center (formerly known as AWS SSO) is a service that enables you to have a single point of entry for managing resources within all of your AWS Accounts in an organisation.

Continue reading

Deploying a Landing Zone with AWS Control Tower - Part 2

2022-09-05 8 min read Walkthroughs Adam Divall

Previously in Part 1 of this Walkthrough, I touched on what a Landing Zone was and a brief background on them before going through how to launch AWS Control Tower as the foundation of a Multi-Account Architecture.

In this , I’m going to walkthrough through some of the initial post configuration activities with Control Tower including setting up the organisational structure and enabling guardrails.

What has Control Tower deployed?

As part of the setup, Control Tower has utilised a number of other AWS Services including:

Continue reading

Deploying a Landing Zone with AWS Control Tower - Part 1

2022-09-04 5 min read Walkthroughs Adam Divall

One of the first starting points for many organisations using Public Cloud is the establishment of a Landing Zone. A Landing Zone is a well-architected, multi-account environment that’s based on security and compliance best practices..

There are several reasons why organisations leverage a multi-account strategy including but not limited to:

  • Service Quotas: Each AWS Service typically has a number of different quotas; some of these are soft limits that can be increased by requesting an increase in the limit through a support ticket whilst others have hard limits that cannot be increased.
  • Limiting the Blast Radius: As an AWS Account is a boundary of isolation, potential risks and threats can be contained within an account without affecting others.
  • Security Controls: Workloads may have different complianye needs based on the Industry or the Geographical location. Whilst there are synergies between the different compliancy frameworks, the Security Controls that are implemented to help achieve the compliance may need to be implemented in a slightly different manner or may not be required at all.
  • Billing Separation: AWS Accounts are the only real way to separate items at a billing level e.g. Data Transfer costs.

When I first started using AWS in 2016 there was no pre-packaged solution for a Landing Zone; there were several recommendations provided by AWS but in essence it was something that organizations had to build themselves.

Continue reading

My AWS Certification Journey from 1 to 11

2022-09-02 9 min read Certifications Adam Divall

How did I first get into Technology and AWS?

As a child I always loved playing computer games back in the days when you had to load games via tape cassettes on the Amstrad CPC-464.

I was never particularly academic at school. After completing my GCSE’s and quitting my A-Levels after a year; I went to college where I did a BTEC National Diploma in Computer Studies where I found my passion for IT.

Continue reading
Older posts Newer posts