
Utilizing a microservices architecture and isolating your apps into containers will provide portability, enhanced security, and a backup and recovery strategy.

Task-driven Computing

  1. Secured connection using Asymmetric encryption
  2. Enabling ephemeral agents for processing requests
  3. Are you able to recover from a breach? Quickly restore systems with minimal operational disruption and minimal data loss

Bare Metal Servers vs. VM

  1. Bare metal, dedicated hardware? Offers maximum and consistent performance, security and control. Best for heavy databases/high-performance computing
  2. Using VM? Offers unmatched flexibility, scalability, and cost-efficiency. Best for Web Apps, Development and general cloud use

— What do we mean by Ephemeral Agents?

Ephemeral Agents are on-demand compute systems. They are more secure because their footprint is limited (e.g. time-based), and they are financially efficient. Examples: rotating credentials, sandboxes, and staging servers for development and testing.

— Why should we use Ephemeral Agents?

  1. Secured Executor
  2. Expunged attack surface
  3. Reduced cost

— How do we create Ephemeral Agents?

Prerequisites: it is assumed you have an AWS account, provisioning automation (in this example we are using a QA tool, Playwright, but Terraform is another option and a topic for another day), an asymmetric encryption key pair, and a security group with an ingress/egress policy.

  1. Log into AWS (e.g. we are using a Yubikey for multi-factor authentication)
  2. Go to EC2
  3. Select Launch an Instance
  4. Create your VM instance:
    • Enter a Name- doesn’t have to be unique
    • Select an OS AMI- the image should be secured and may include vetted libraries (e.g. your company may have approved AMI images pushed to AWS)
    • Select an Instance type (e.g. t3.micro)
    • Select or Create a Key-pair (e.g. we’ll use an AWS generated one for this example)
    • Select or Create a Security Group (e.g. our example will be open to/from anywhere, but DO NOT do that in your production environment)
    • Select the storage capacity
  5. Launch your instance
  6. Connect to your instance
    • Optional: create a user, push your public key, install packages/libraries etc
  7. SSH into the VM using your Asymmetric key-pair (which was generated in AWS or you could use a key-pair generated by you- topic for another day)
  8. Once we are done using this agent, we tear it down, which removes its footprint and secures the image. We can choose to create/update the image to persist configuration changes. We will utilize automation to spin up another agent as needed
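
As an added example (not code from the original post), the Python below checks two things the steps above rely on: that a security group does not expose SSH or RDP to any address, and that agents past a time budget are flagged for teardown. The `Role=ephemeral-agent` tag and the four-hour `MAX_AGE` are assumptions, and the sample dictionaries are constructed in the shape of the EC2 `describe_security_groups` and `describe_instances` responses.

```python
from datetime import datetime, timedelta, timezone
from ipaddress import ip_network

MAX_AGE = timedelta(hours=4)   # assumed lifetime budget for one agent
ADMIN_PORTS = {22, 3389}       # SSH and RDP

def world_open_admin_rules(security_group):
    """Return (port, cidr) pairs that expose an admin port to any address."""
    findings = []
    for perm in security_group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto not in ("tcp", "-1"):
            continue
        # Protocol "-1" means all traffic; such rules carry no port range.
        lo, hi = (0, 65535) if proto == "-1" else (perm["FromPort"], perm["ToPort"])
        ports = sorted(p for p in ADMIN_PORTS if lo <= p <= hi)
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            if ip_network(cidr, strict=False).prefixlen == 0:  # 0.0.0.0/0 or ::/0
                findings += [(p, cidr) for p in ports]
    return findings

def overdue_agents(reservations, now, max_age=MAX_AGE):
    """Return IDs of live agent instances that have outlived max_age."""
    overdue = []
    for res in reservations:
        for inst in res["Instances"]:
            tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
            live = inst["State"]["Name"] in ("pending", "running", "stopped")
            old = now - inst["LaunchTime"] > max_age
            if tags.get("Role") == "ephemeral-agent" and live and old:
                overdue.append(inst["InstanceId"])
    return overdue

# Constructed sample data (placeholder IDs; "Role" tag is a hypothetical convention).
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
AGENT_TAG = [{"Key": "Role", "Value": "ephemeral-agent"}]
SAMPLE_SG = {"GroupId": "sg-EXAMPLE", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []}]}
SAMPLE_RES = [{"Instances": [
    {"InstanceId": "i-old", "State": {"Name": "running"},
     "LaunchTime": NOW - timedelta(hours=9), "Tags": AGENT_TAG},
    {"InstanceId": "i-new", "State": {"Name": "running"},
     "LaunchTime": NOW - timedelta(minutes=20), "Tags": AGENT_TAG}]}]

if __name__ == "__main__":
    print(world_open_admin_rules(SAMPLE_SG), overdue_agents(SAMPLE_RES, NOW))
```

With real data, the same functions take `SecurityGroups[n]` and `Reservations` from the corresponding EC2 API responses; teardown of the returned IDs is left to your provisioning automation.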

Optional, automate provisioning of VMs which can be Dockerized as well:

  1. Install our Development environment
    • Programming language: for example, install Python on macOS (it is assumed brew exists). On macOS, you may already have a version of Python, which you can check with the command "python --version"
      • Run command, brew install python (note: pip is also installed)
    • Development IDE: for example, Visual Studio
  2. Install libraries and packages that you will utilize for developing our automation tests
    • For example: we will develop tests to check Jenkins
      • Run command, pip install selenium
      • unittest ships with Python's standard library, so it needs no pip install
  3. Write your automation. 
  4. Create your VM
    • For example, you should get the following results— showing you have access to your instance
    • Run Docker command, <tbd>
