Getting ISO 27001 certified as a 2-person company

For more than five years, we have been selling software to customers worldwide. But so far, we mainly sold software solutions that customers run on their own cloud infrastructure. Last year, we started attachmentAV, a Software-as-a-Service (SaaS) soluti...

S3 Virus Scan and Malware Protection Step-by-Step Guide

Do users or 3rd party systems upload data to your S3 buckets? How do you ensure that viruses, trojans, ransomware and other kinds of malware are detected before causing harm? Besides sharing our learnings about all things AWS at cloudonaut, we’re build...

Reduce GitHub runner costs by leveraging EC2 spot instances

We learned the hard way, that GitHub Actions is getting expensive when using GitHub-hosted runners. Back in 2023, we decided to build a solution for self-hosted runners on AWS to reduce costs. A few months later, we released HyperEnv to the public. Over...

10th anniversary - our story

Today, we -the Wittig brothers- are celebrating the 10th anniversary of our company. Here we want to tell our story and say thank you! PrehistoryIn 2012, Michael and I joined the same team at Tullius Walden Bank with the mission to build a trading plat...

How to move a DynamoDB table to another region or account?

How to move data from one DynamoDB table to another? For example, when it becomes necessary to move a DynamoDB table to another account or region. In the following blog post, I will discuss three different options to move DynamoDB tables by backing up a...

Optional DependsOn with CloudFormation: Metadata to the rescue

When working with AWS CloudFormation, sometimes it’s necessary to incorporate optional dependencies into your template. Recently, I encountered a situation where I had to build a single CloudFormation template to manage both a VPC and an application—tho...

Updated CloudFormation vs Terraform in 2022

The most reliable way to automate creating, updating, and deleting your cloud resources is to describe the target state of your infrastructure and use a tool to apply it to the current state of your infrastructure (see Understanding Infrastructure as Co...

Updated Amazon ECR vs. Docker Hub vs. GitHub Container Registry

Have you worked with a Linux package manager like apt or yum before? A container registry is similar, but instead of packages, it distributes container images. A container registry is a crucial aspect of a containerized workflow and infrastructure. This...

Updated Managing application secrets: SSM Parameter Store vs. Secrets Manager

Many applications interact with external or internal systems like databases or REST APIs. When your application talks to another system, it usually authenticates with a secret, e.g., an API key, username + password, or a certificate. This leads to the q...

[cloudonaut podcast] Vol. 93 - Get ready for ISO 27001

S3 Virus Scan and Malware Protection Step-by-Step Guide 🦠✋

[cloudonaut podcast] Vol. 92 - The Cloud Control API is catching up!

[cloudonaut podcast] Vol. 91 - Cloudflare R2 Same Same But Different

#093 Getting ISO 27001 certified as a 2-person company

Getting ISO 27001 certified is not just boring paperwork. We discuss what we've learned and how we improved information security for our customers. Also, Michael shares how to run Amazon Linux 2023 on small machines like t3.nano.

#092 The Cloud Control API came a long way

Learn how to work around missing resources in Terraform by using the Cloud Control API and the awscc Terraform provider. Also, Michael shares what he learned from migrating a workload from Amazon Linux 2 to Amazon Linux 2023. Last but not least, Andreas...