Stackery today announced the expansion of its serverless security and CI/CD capabilities that enable teams to automate delivery best practices. This includes additional audit capabilities, scoped IAM permissions, and secrets management for automated verification and deployment pipelines.

Stackery’s SaaS platform makes it possible for any business designing, developing, and delivering modern applications to enhance productivity while ensuring that their workloads are compliant and well-architected from end-to-end, according to the company. 

The platform helps customers define and protect how applications are deployed to testing, staging, and production environments, promote applications to environments via Amazon Web Services (AWS) CodeBuild, and handle tracing and auditing.

“Our heritage is around the design and development capabilities. We’ve always had some set of deployment capabilities because if you’re building applications, you have to be able to send them somewhere. We’ve found that the customers that use us at the most scale were using our deployment capabilities to define their environments and then protecting them with Stackery,” said Tim Zonca, the CEO of Stackery. “The new capabilities build on that.”

Automated verification was built in for both the CI and CD portions of the pipeline to provide an automated workflow in which users don’t have to think about best practices. Another new capability that was built in is an integrated GitOps workflow, a modern software development workflow.

After turning a switch, Stackery facilitates auditing the function code for known vulnerabilities using common tooling (npm audit for Node.js, safety check for Python, and more). Stackery also provisions ephemeral, short-lived deployment environments per pull request.

“This is used for system testing, integration testing, unit testing, as well as humans can go in and do usability testing as well,” Zonca said. 

Upon successful completion of these tests, the deployment is automated through the final deployment tiers: staging and production. It also offers the ability to choose between either automation up to the final stage, or automation all the way throughout the process.

Stackery gives developers access to unique code-to-architecture visualizations and unlocks more than 20 serverless services for developers and DevOps teams. This year, Stackery has enhanced its offering with native support for provisioned concurrency and for AWS HTTP APIs service, enabling its customers to cut cloud costs by up to 70% and drive a 60x faster release cycle, the company stated. 

“We see the definition of serverless broadening and more developers will have the power to build modern applications with more and more resources without worrying about the underlying complexity of scaling everything,” Zonca said. 

Branch Insurance, a Columbus, Ohio-headquartered insurance startup that bundles home and auto insurance online, started developing with Stackery almost a year ago and said its adoption of Stackery greatly improved the developer collaboration process.

“Amazon tooling didn’t do it for us because it didn’t have a good cross-account view. One of the things that turns out is the best way to run your organization when you’re using serverless or using serverless services, is to have every developer have his or her own account, every environment has its own Amazon account, so there’s this massive benefit in running them all identically. Amazon tends to only think within one account at a time,” said Joseph Emison, the cofounder and CTO of Branch Insurance. “And so Stackery has this great view that’s very cross-account and is built around being able to think about how am I replicating this exact same set of things in all these different accounts.”

Secondarily, Emison added that Stackery provided extensions and additional benefits on top of the AWS Serverless Application Model and CloudFormation functionality. These are Amazon’s infrastructure-as-code tools, which enable users to define their infrastructure in their code base and then instantiate it.

“They lack a number of functionalities and using them on their own the way Amazon has them set up is much more painful than through Stackery,” Emison said.

The recent additions to the Stackery platform, according to the company’s announcement, are as follows:

  • GitOps Workflows: with integrations for CI/CD services and tools such as GitLab, Bitbucket, CircleCI, and Jenkins, pipelines are tied into an integrated GitOps workflow to facilitate changes, audits, and delivery mechanisms.
  • Agile Change Management: provides automatic promotion of the stack changeset to the next environment upon successful passing of tests and verifications.
  • Scoped Permissions and Secrets Management: offers fully scoped permissions across all accounts and environments to enable development teams to scale and fully leverage a tuned set of AWS IAM roles, permissions and secrets.
  • Automated Security Audits: adds additional open source security integrations for common tooling such as npm audit for Node.js and safety check for Python. 
  • Enhanced Provisioning: enables sandboxed integration testing, as well as manual verification, linked directly into every PR. 
  • Automatic Verification of Stacks: manage changes, dependencies, and processes easily by giving visibility and control over the automation of continuous delivery pipelines. 
  • CloudLocal Development: integrate quickly with AWS serverless resources and automate the continuous delivery of validated stacks in every pull request.