This repository provides a practical DevSecOps solution integrating Jenkins, Terraform, AWS (EKS, ECR, S3, VPN), and Helm for secure, automated CI/CD pipelines. This setup enables seamless hybrid cloud deployment, secure infrastructure provisioning, and automated application delivery.
This repository contains multiple branches, each dedicated to a specific aspect of the DevSecOps workflow:
- 🔹 asp-deployment: Manages the deployment of ASP.NET applications, with SAST, DAST, dependency scanning, and image scanning enabled as security validation.
- 🔹 main: The primary branch, containing the description of the production-ready configurations.
- 🔹 provision-resources: Handles the Terraform and AWS Lambda scripts that provision AWS infrastructure, which can be destroyed with one button.
- 🔹 wagtail-deployment: Deploys Wagtail CMS with Helm, with SAST, DAST, dependency scanning, and image scanning enabled as security validation.

Key features:
- ✅ Hybrid Cloud CI/CD: On-prem Jenkins securely deploys to AWS resources.
- ✅ Infrastructure as Code (IaC): Terraform provisions EKS, ECR, VPN, and S3.
- ✅ Secure Container Management: Store and manage Docker images in Amazon ECR.
- ✅ Automated Deployments: Deploy applications to EKS using Helm charts.
- ✅ Least Privilege IAM Roles: Secure access with AWS IAM role-based policies.
- ✅ Terraform State Management: Encrypted S3 backend with DynamoDB state locking.
- ✅ Auto Cleanup Pipeline: Automatically destroy AWS resources after testing.

git clone https://github.com/Sanchistor/DevSecOps-practice.git
cd DevSecOps-practice
Ensure your AWS credentials are configured for Terraform and Jenkins to access AWS services:
aws configure
terraform init
terraform apply -auto-approve
- Set up Jenkins with the necessary plugins (Terraform, AWS CLI, Docker, Helm, and Kubernetes).
- Add your AWS credentials to Jenkins.
- Run the Jenkins pipeline to build and deploy applications securely.
To destroy all AWS resources after testing:
terraform destroy -auto-approve
Happy Coding!