Page 22

School's Out For Summer

Michael and I have just returned from a trip to France where we enjoyed the sun, the beach, the pool, and - of course - the cheese. We are giving away 25 printed books Amazon Web Services in Action to students who are keen to get started with AWS during...

AWS CloudTrail: your audit log is incomplete

Recently, I was investigating the size of a security breach caused by leaked AWS credentials. The first place to go in such a scenario is the audit log recorded by CloudTrail. When configured correctly, CloudTrail captures the requests to the AWS API an...

EFS with TLS behind a proxy

Encryption of data at rest and in transit is the new normal. Or as Werner Vogels (Amazon, CTO) says: “Dance like nobody’s watching. Encrypt like everyone is.” The Amazon Elastic File System (EFS) supports both: encryption at rest and encryption in trans...

AWS SSM is a trojan horse: fix it now!

Recently, I held a security workshop together with a team of engineers. At some point, the team demonstrated how they use AWS Systems Manager (SSM) to run commands on a machine. What the team didn’t know: they enabled a backdoor that allows everyone wit...

More than 25 SSL certificates with ECS

Both the Application Load Balancer (ALB) and the Network Load Balancer (NLB) provide TLS/HTTPS listeners allowing you to encrypt the data in transit from the clients to your cloud infrastructure. Together, with the Amazon Certificate Manager (ACM) ...

Cronjob at the edge with AWS IoT

I’m working on a project where I have to manage a cronjob that runs on a small computer with an unreliable Internet connection. I want to configure the cronjob schedule expression (e.g., 0 10 * * *) remotely but the cronjob should not be interrupted if ...

Download YouTube videos with AWS Lambda and store them on S3

Recently, I was faced with the challenge to download videos from YouTube and store them on S3. Sounds easy? Remember than Lambda comes with a few limitations: 512 MB of disk space available at /tmp 3008 MB of memory 15 minutes maximum execution time ...

6 new ways to reduce your AWS bill with little effort

The last time we wrote about how to save AWS costs was at the end of 2015. AWS has changed a lot since then. It’s time for an update with six new tips to save AWS costs with little effort. EC2 AMD InstancesAWS introduced AMD-powered EC2 instances that...

Monitoring EC2 Network Utilization

This post was originally published on the marbot blog. Are you monitoring the network utilization of your EC2 instances? Why not? The network is one of the rare resources that will limit your workload’s maximum throughput: CPU Memory Network Disk GPU...

Own your analytics data: Replacing Google Analytics with Amazon QuickSight

Making decisions based on data is compelling. Especially, when you wrestle with the most straightforward decisions like me. Google Analytics is the de-facto standard for tracking your customers while clicking through your websites and applications. I’ve...