syft
-
AWS open source newsletter #170
Aug 21, 2023 | 21 minute read
August 21st, 2023 - Instalment #170. Welcome to edition #170 of the AWS open source newsletter, an oasis of open source goodness that features the latest new projects, essential reading, and must-view videos to quench the thirst of every open source developer. In this week's edition we have new projects that help you get on top of your IAM actions, a handy tool for checking your current AWS account service limits from the command line, a tool to help you do database migrations, and some interesting and very detailed reference solutions for gaming, live streaming, and managing and exporting your Amazon Cognito profiles.
- oss-newsletter
- aws open source
- AWS-LC
- Threat Composer
- AWS CDK
- AWS SAM
- AWS SDK for Java
- GitLab
- GraphQL
- AWS AppSync
- AWS Distro for OpenTelemetry (ADOT)
- PostgreSQL
- Apache Airflow
- SBOM
- Syft
- Apache Hudi
- Apache Iceberg
- Apache Spark
- collectd
- Grafana
- O3DE
- ROS
- Next.js
- OpenZFS
- MWAA
- Cedar
- Powertools for Lambda
-
AWS open source newsletter #144
Feb 5, 2023 | 19 minute read
Feb 5th, 2023 - Instalment #144. Welcome to edition #144 of the AWS open source newsletter, and another week of great new open source projects for you to try out. Some of the treats in store for you this week include “dynamodb-shell”, a project that provides a CLI to your favourite AWS database; “precloud”, a tool to help you catch issues with your configuration before you deploy; “node-latency-for-k8s”, a tool to analyse your node logs; “stepfunctions-lambda-ec2-ssm”, a very nice way of using Step Functions to overcome the 15 minute timeout of your Lambda functions; “terraform-ec2-image-builder-container-hardening-pipeline”, a very cool example of how to build an EC2 image hardening pipeline using Terraform; and “cloudtrail-event-fuzzy-viewer”, a tool to copy your AWS CloudTrail events and then fuzzy search them on the command line.
-
Building a software bill of materials (SBOM) using open source tools
Feb 1, 2023 | 6 minute read
This is the second post exploring how you can use open source tools to help you build a stronger defence against common software supply chain attacks. In this blog post, I look at syft, an open source CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. We will use examples and build on the previous post, Getting hands on with Sigstore Cosign on AWS.