My own AWS Landing Zone
You probably know how this works: you start learning AWS, get a free tier account, work with it – play with it (yes, really, AWS is toys for adults). …
Author: Frederique Retsema
Lazy Loading with AWS Fargate
Introduction Some time ago my colleague informed me that AWS announced a new feature : starting containers faster with AWS Fargate. The idea is to start the container before …
Writing your own Lambda function for secret rotation
Introduction A few weeks ago I published a blog about secret rotation , I used the default Lambda functions for single user and multi users that are maintained by …
First steps in rotating secrets in AWS Secrets Manager
Introduction AWS Secrets Manager was released in 2018. It is a nice replacement for secret strings in the SSM Parameter Store. With Secrets Manager it is possible to automate …
How to install Bitwarden with added security in AWS
Introduction I used LastPass for several years, and it helped me a lot to access my passwords and secrets on any moment, from multiple devices, in a secure way. …
New in AWS: AWS Resource Explorer
Up to now, it was not very easy to see what resources you have in an AWS account. One of the ways to solve this was to enable the …
Is RHCSA still relevant when you use the cloud?
Last week I passed for my RHCSA exam (EX200) . While I was studying for the exam, I asked myself which parts of this exam are still relevant when …
Personal link shortener in AWS
I like to do presentations about a lot of topics. Most of these presentations are recorded and the link to that recording is then shared to people who couldn’t …
AWS Config automated remediation
Introduction It is possible in AWS to check if your environment is compliant to your minimum standards. It is also possible to automatically change the environment to make it …
Stop DELETE_IN_PROGRESS when custom resources fail in AWS CloudFormation
Script to stop the execution of CloudFormation when you made a small error in a custom resource (Lambda function).
Play environment for WebGoat, WebWolf and Juice Shop
In this blog post, I will show how you can install the OWASP training tools WebGoat, WebWolf and JuiceShop on your local laptop using Vagrant.
Check for RunAs accounts in Automation Accounts
Introduction Some time ago, I wrote about the new preview feature in Azure Automation Accounts to use Managed Identities . I think that it is useful to migrate to …
Using a Managed Identity with Azure Automation Accounts
Introduction I think that every production environment in Azure uses Automation Accounts for f.e. scheduled tasks. Up to recently, you were forced to use the Run As user to …
Delete play-resources from Azure using runbooks
Learning a new cloud can be frighting: do I configure this right? And, when I click here, don’t I end up with a huge bill at the end of …
VNet peering in Azure
Introduction I looked into virtual network peering peering in Azure and I saw something that looked rather strange to me. Let me explain what it was, how VNet peering …
How to add a user in Azure Active Directory
Adding a user in Azure Active Directory caused some troubles: it didn’t work as I thought it would. Let me explain. Adding the user I went to Azure Active …
Playing with AI in Azure
When I was learning about Azure AI, I asked myself the question: “how far is AI? What can it determine – and what is impossible (yet)?” A nice tool …
Using one-time upload URLs in AWS with S3 versioning
In this blog, I will show how you can use the SAM (Serverless Application Model) to get a presigned upload URL to AWS S3 that can be used exactly …
Using one-time upload URLs in AWS with Memcached
In this blog I will show how you can use the SAM (Serverless Application Model) to get a presigned upload URL to AWS S3 that can be used exactly …
Using one-time upload URLs in AWS using DynamoDB
In this blog, I will show how you can use the SAM (Serverless Application Model) to get a presigned upload URL to AWS S3 that can be used exactly …
Some end-of-year remarks about the AWS Shop Example
It is the end of the year: time to look back, time to look forward. In the past year, I had a lot of extra time because of the …
AWS Lambda: shared libraries (and SAM)
In June I wrote a blog series about the AWS Shop Example. In this series, I also wrote about X-Ray . I like X-Ray: you can see how much …
AWS blog series part 6: speed up the use of the ELB Health Status
It took me a while, but then this blog series was ready: five blog articles about Windows Failover Clustering and Auto Scaling Groups with one node. I was happy, …
AWS blog series part 5: Start PowerShell script after a reboot when Windows fails to do so
You might have wondered in the second blog of this series , why I mentioned the possibility that the Task Scheduler didn’t start after a reboot in the “on-premise” …
Windows Failover Cluster on AWS part 4: Construction of the CloudFormation scripts
Introduction If you follow along in this blog series , I can imagine that if you deployed the CloudFormation scripts, that you think “wow, how does it work”. In …
AWS Migration part 3: The technique behind Windows Failover Cluster on AWS
Introduction In the previous two blogs , I showed that it is is possible to implement a Windows Failover Cluster in AWS. In this blog, I will explain the …
Windows Failover Cluster Migration to AWS part 2: installation
Introduction In the previous blog I showed the different solutions that there are to migrate an on-premise Windows Failover Cluster environment to AWS. I also showed how fast (or …
AWS Migration part 1: how to migrate Windows Failover Clustering servers to AWS?
Introduction In this series, I will look at the migration from on-premise Windows Failover Clusters to AWS. What is the difference in recovery times between the application on-premise, the …
AWS Shop example: Amazon X-Ray
Introduction We are in production with our shop example . We’d like to get some statistics about our implementation: how often are the Lambda functions called? How fast are …
AWS Shop example: SNS duplicate messages
Introduction Our shop example is now in production, wohoo!!! When you are using our example program in production, you might see that some sales are updated multiple times in …
AWS Shop example: step functions
Introduction When you follow along in this series , you might have been irritated by the amount of work to test your functions. It isn’t a problem to test …
AWS Shop example: Smoke and performance tests
Introduction In the previous blog, I talked about unit tests of the AWS Shop example . Today, I will continue with a smoke test and a performance test. Smoke …
AWS Shop example: unit tests
Introduction In the last six blogs , I showed you an application that used AWS to process the sales from a cashing machine. This series continues with tests for …
AWS Shop example: API Gateway (2)
Introduction Last time, I talked about the API Gateway . The URL that we used last time has randomness in it: it looks like https://54dwcigu3a.execute-api.eu-west-1.amazonaws.com/prod/shop. When you destroy the …
AWS Shop example: the API Gateway (1)
Introduction You might have noticed that we skipped the API Gateway up to now . I will write two blogs about the API Gateway. In this one, we follow …
AWS Shop: DynamoDB, the AWS NoSQL database
Introduction The ultimate goal of our shop application is to update the AMIS-shop table in the DynamoDB service. In this blog, I will tell a little bit more about …
AWS Shop: about the AWS Simple Notification Service (SNS)
Introduction Today we’ll look at the AWS Simple Notification Service. We have two of them in our shop: one to get messages from the accept-lambda function and send them …
AWS shop example: Lambda
Introduction In the previous blog , I wrote about an example shop application in AWS. Let me show the AWS architecture of this shop again: In this blog, I …
Example application in AWS using Lambda
Introduction I have to admit: I love serverless. Serverless computing is using the cloud as it is supposed to be used: it scales up when you need more capacity, …
Policies in AWS (2)
Yesterday I published a blog about AWS policies. We used the IAM wizard to create a policy. When you try to use this policy with the users we created, …