Cloudonaut Teaser

Welcome to cloudonaut

Your launchpad for Amazon Web Services (AWS)

By Andreas & Michael Wittig. Since 2015, we published 382 articles, 86 podcast episodes, and 94 videos.

Start reading

Welcome to cloudonaut

Your launchpad for Amazon Web Services (AWS)

By Andreas & Michael Wittig.

Start reading
Cloudonaut Teaser

How to reduce costs for GitHub Actions?

GitHub Actions is my favorite CI/CD solution. Over the past year, I gradually switched all projects from CodePipeline to GitHub Actions. To this day, I enjoy the smooth user experience. However, GitHub-hosted runners quickly become a big item on GitHub’...

Read on

KMS Key Policy Privilege Escalation

Encrypting data at rest is a widespread best practice on AWS. In 2019, Werner Vogels set the tone with his motivational slogan, “Dance like nobody’s watching. Encrypt like everyone is!”. AWS shipped the ability to encrypt data at rest for almost all its...

Read on

Connect GitHub Actions with AWS VPC

GitHub Actions is my preferred CI/CD solution. I’m using GitHub Actions to build and deploy applications on AWS. However, GitHub Actions does not have access to private subnets, which is required in the following scenarios: Execute database migrations ...

Read on

Protect Amazon Connect from viruses and malware by scanning attachments

Four years ago, we stumbled into Amazon Connect. In essence, Amazon Connect allows your users to reach your organization represented by agents via phone or chat. While chatting, Amazon Connect allows users and agents to upload attachments. For many year...

Read on

Worldwide availability of EC2 instance types

The promise sounds tempting; with AWS, you can roll out your infrastructure in 28 regions worldwide. Indeed, it is an eye-opening moment when rolling out the same infrastructure into multiple regions to serve users in different parts of the world. Howev...

Read on

How to monitor container workloads running on ECS and Fargate?

How do you monitor a container workload running on ECS (Elastic Container Service) and Fargate with on-board resources? Here are the prioritized aspects when it comes to monitoring containers on AWS. Event-driven monitoring with EventBridge Monitoring ...

Read on

Using DynamoDB Entity Store for cleaner TypeScript code

DynamoDB is a cloud-hosted NoSQL database from Amazon Web Services (AWS). DynamoDB is popular for two main reasons: It scales extremely effectively with little operational effort Since it is a serverless service it is also cheap, simple, and quick to r...

Read on

Updated CloudFormation vs Terraform in 2022

The most reliable way to automate creating, updating, and deleting your cloud resources is to describe the target state of your infrastructure and use a tool to apply it to the current state of your infrastructure (see Understanding Infrastructure as Co...

Read on

Updated Amazon ECR vs. Docker Hub vs. GitHub Container Registry

Have you worked with a Linux package manager like apt or yum before? A container registry is similar, but instead of packages, it distributes container images. A container registry is a crucial aspect of a containerized workflow and infrastructure. This...

Read on

Updated Managing application secrets: SSM Parameter Store vs. Secrets Manager

Many applications interact with external or internal systems like databases or REST APIs. When your application talks to another system, it usually authenticates with a secret, e.g., an API key, username + password, or a certificate. This leads to the q...

Read on

🔥 AWS News Check: New AWS Region in Mexico is in the works

🔥 AWS News Check: API Gateway now supports TLS 1.3

🔥 AWS News Check: AWS Resource Explorer supports 65 new resource types

[cloudonaut podcast] Vol. 87 - Automate all the release processes!

#087 Automate all the release processes!

Andreas and Michael are sharing their learning while building on AWS. This episode is about automating the release process of bucketAV, a software product sold on the AWS Marketplace. Besides that, Andreas and Michael discuss how to reduce costs for Git...

Start listening

#086 Overwhelmed by Security Hub

Andreas and Michael are sharing their learning while building on AWS. This episode is about AWS Security Hub and how to get any value out of the predefined security controls. Besides that, Andreas and Michael celebrate their 9th company anniversary by g...

Start listening

Review: AWS Fault Injection Simulator (FIS) – Chaos as a Service?

AWS allows us to run applications distributed across EC2 instances and availability zones. By adding load balancers or message queues to the architecture, we can achieve fault tolerance or high availability. But how can we test that our system can survi...

Read on

Cheap, Durable, Fast. How to choose an EBS volume type?

Elastic Block Storage (EBS) provides solid state drives (SSD) and hard disk drives (HDD) for EC2 instances. The virtual machine accesses the persistent storage via the network. In December 2020, AWS announced another volume type called General Purpose S...

Read on

How to Become an AWS Certified Solutions Architect

In 2012, I created my first AWS account. Back then, I worked as a software engineer and was looking for a way to deploy an online trading platform. Two years later, I attended re:Invent — the yearly conference organized by AWS — in Las Vegas for the fir...

Read on
Andreas Wittig and Michael Wittig

Hej, Andreas & Michael here!

We launched the cloudonaut blog in 2015. Since then, we have published 382 articles, 86 podcast episodes, and 94 videos.

Besides sharing our learnings about all things AWS on cloudonaut, we're currently working on bucketAV, HyperEnv for GitHub Actions, and marbot.

To support our work on cloudonaut, please subscribe to our newsletter, podcast, or YouTube channel and share our content with your friends and coworkers.