Every time any Lambda functions go on Errors or there is a Throttle I want to receive a notification on my Microsoft Teams channel.
Also, I have several accounts and I want to have a central notification system.
We have 4 AWS accounts and lambda deployed everywhere.
There are 2 development teams Legends and Avengers, we generated the webhook for Microsoft Teams and put them in the parameter store.
With this blog article on 17th November 2020 was released a new service that in my opinion changes the firewall world in the AWS Cloud.
The service is really powerful and complex, and it can bring the AWS Firewall to a new era.
Before this service was created you have only Security Group and Network Access control list. These 2 possibility are ok for most of the cases, but it Is possible for some high security environment you need something more advanced.
The possibilities are multiples and still I haven’t explored all but the ones I immediately like are:
In this article, you can learn how to login to the Ec2 bastion machine with and without ssh, how to open a tunnel for the Apache on the Bastion, and the other one in the Web Server.
In DevOps, everybody loves pipelines I have tested a lot of them over the years.
Here all possible pipelines with Terraform I ever tried
This article is not original content, it gathers my 7 LinkedIn posts about the topic if you want to read the original posts with the comments use the #learningterraforminsmallchunks on Linkedin search
This article comes from a practical case. We deploy everything in our pipeline with CloudFormation in several environments and for this reason, I cannot perform manual action.
Today 20th May 2020 is possible to mount AWS EFS volumes inside TaskDefinition for ECS but both for Ec2 and Fargate Compatibility the CloudFormation Resources are not yet available.
So the only solution is to use a CloudFormation Custom Resource.
I’m not an expert CloudFormation writer and I don’t want to be because I prefer to use Terraform but in the day by day, you need to find solutions and solve issues of…
If you start building your infrastructure in AWS using the IAC (Infrastructure as Code) approach you will currently find two big players in the market and you will need to choose between Terraform and AWS Cloudformation. One product is not better than the other, in some cases the right choice is Terraform but in other scenarios, AWS Cloudformation is better.
As published by Hashicorp there are 2versions:
In this article, we will compare the Terraform Open Source version and AWS CloudFormation
I have migrated 12 Terraform environments from v0.11.14 to the v0.12.2 and in this article, I share a summary about what I did to accomplish the task.
Of course, you should read the official guide to upgrade your code, in this page I did a short summary of that guide plus I add my personal experience and my fixes.
Instead to start to use the new Terraform version read the guide with the new features of Terraform 0.12.
When you create a Windows machine in AWS you can get the password some minutes after the machine creation using the pem key from the web console to retrieve it.
The problem is that this password will remain the same for the whole life of the machine. So also if a person leaves the company and loose AWS credentials if he has the password saved he will retain this kind of access. Of course, there are others way to prevent it like VPN firewall, nominal accounts etc. but it is not the purpose of this article.
The purpose of this…
I try to summarise what I did and learned in my journey with AWS Security Hub.
From re-invent 2018
AWS re:Invent 2018: [NEW LAUNCH!] Introduction to AWS Security Hub (SEC397) 45 minutes video but without initial configuration. Nice to have an idea about the product, and listen to testimonials companies that have already used.
From AWS Online Tech Talks Introduction to AWS Security Hub 45 minutes more or less like the re-invent one but without testimonials. Slides of this Video here
AWS Security Hub at the end is “only” a way to generate and read AWS Config rules…