Page 13

AWS needs a bug bounty program

A few weeks ago, while evaluating an AWS service, I stumbled upon an issue with the way the AWS API evaluates IAM policies for a particular IAM action. I contacted aws-security@am&#x...

Record AWS API calls to improve IAM Policies

Have you ever looked at an IAM policy and wondered: Is it really necessary to grant access to this specific action? Or do you need to know which API calls a legacy or 3rd party application is actually sending to come up with a secure IAM policy? CloudTr...

NoSQL on AWS: Document-Oriented Databases

A document-oriented database stores keys mapped to JSON documents. You can query all documents in such a document-oriented database and retrieve only parts of documents to save network bandwidth. This is a cross-post from the Cloudcraft blog. A data ...

Review: AWS App Mesh – A service mesh for EC2, ECS, and EKS

It seems to me like everyone is talking about service meshes these days - definitely a hot topic in the world of containers and microservices. A service mesh promises reducing latency, increasing observability, and simplifying security within microservi...

Workaround: CodePipeline for GitHub Enterprise

There is no question that AWS has a strong focus on customer obsession. However, sometimes it takes forever until popular feature requests get implemented. A good example: CodePipeline - the continuous delivery service - does support all kinds of source...

(Erratum) VPC Endpoint increases DynamoDB latency by 30%

Our reader Tom wrote in to tell me, that the latency for read requests to DynamoDB increased significantly after enabling a VPC endpoint a few weeks ago. Someone else reported a similar problem in the AWS discussion forums as well. Therefore, I started ...

10 Obstacles for Lift & Shift Architectures

The cloud is not only about greenfield projects. Over the last few years I have accompanied several enterprises in large migration projects from on-premises to the Amazon Web Services (AWS). This blog post gives an overview of typical obstacles for lift...

AWS Month in Review: July 2020

The world of AWS changes fast. This review summarizes the most important news from July 2020. The roundup does not include version updates, region expansion news, and minor changes. Instead, we focus on the most important news. But not only that! Our mo...

How do you choose the best storage option on AWS?

Choosing storage service is critical when designing a cloud architecture. Read on to learn about the characteristics, limitations, typical use cases, and a decision tree for the following options to store data on AWS: Instance Store provides low latenc...

Run the AWS CLI v2 inside Docker

The last time I bought a new laptop, I decided to install it from scratch. My goal: keep the installation as clean as possible. Run anything inside Docker containers. Especially the development environments. I work for many clients. I often encounter si...