🎉 We are launching a new weekly show: Hot off the Cloud

🎉 We are launching a new weekly show

#ec2 | Amazon EC2 (1)

All about utilizing and managing virtual machines on AWS.

Show Me Your Architecture Vol. 1: Scanning S3 buckets for malware

Through the AWS documentation, books like AWS in Action or AWS trainings you can gain theoretical knowledge. But beyond that, it is very valuable to learn directly from practice. In this series, we inspect real-life AWS architectures. We start with Andr...

Read more

Connect to your EC2 instance using SSH the modern way

Did you know that establishing an SSH connection with an EC2 instance is possible without configuring a key pair and allowing inbound traffic on port 22? How is that possible? The secret is a combination of EC2 Instance Connect and Systems Manager (SSM)...

Read more

How to set up Jenkins on AWS?

What’s the best way to run Jenkins on AWS? As Jenkins is still a popular automation server used for continuous integration and deployment, consulting clients have engaged me to design and implement a cloud architecture for Jenkins several times in recen...

Read more

EBS Snapshot Pitfalls: Does your backup withstand reality?

Does your disaster recovery plan deliver what it promises? Here are three reasons why your plan won’t stand up to reality. Learn about common pitfalls when backing up EC2 instances with the help of EBS snapshots. A crash-consistent snapshot leads to da...

Read more

EC2 Checklist: 7 things to do after launching an instance

Launching an EC2 instance takes minutes. Keeping your virtual machines secure and maintaining your VMs is more work. In this blog post, I share seven things to do after launching a Linux, Windows, or macOS instance: Configure remote access with SSM Ses...

Read more

Choosing the best way to scale EC2 instances on demand

Migrating workloads into the cloud — and specifically to AWS — comes with many advantages. You can operate workloads in new ways. When you only pay for what you use and add capacity within minutes, the world of auto-scaling opens up. When your workload ...

Read more

Cheap, Durable, Fast. How to choose an EBS volume type?

Elastic Block Storage (EBS) provides solid state drives (SSD) and hard disk drives (HDD) for EC2 instances. The virtual machine accesses the persistent storage via the network. In December 2020, AWS announced another volume type called General Purpose S...

Read more

Unusual AWS Architectures

AWS provides many building blocks. As architects, we have to choose the right building blocks to construct our systems. But sometimes, the proper building block is not available, and we have to make compromises. In this blog post, I show four unusual AW...

Read more

Transition to IMDSv2 on EC2 - Introduction, Preparation, Pitfalls

IMDSv2 can improve EC2 security. For a couple of weeks, AWS Foundational Security Best Practices recommends that EC2 instances use IMDSv2 (control EC2.8). This video explains why IMDSv2 is useful and what attacks it protects you against, including a li...

Read more

How do you choose the best storage option on AWS?

Choosing storage service is critical when designing a cloud architecture. Read on to learn about the characteristics, limitations, typical use cases, and a decision tree for the following options to store data on AWS: Instance Store provides low latenc...

Read more

Building with EC2: 10 Tips for the Successful Cloud Architect

Despite the Kubernetes and Serverless hypes, the vast majority of cloud workloads still happen on virtual machines. AWS offers the Amazon Elastic Compute Cloud (EC2) service, where you can launch virtual machines (AWS calls them instances). The EC2 serv...

Read more

CloudWatch Metrics & Alarms reloaded

Amazon CloudWatch improved significantly over the years. It’s time to look at its monitoring capabilities again. CloudWatch is an excellent starting point to implement enhanced monitoring on AWS. In this blog post, I demonstrate what you can do with Clo...

Read more

Seamless EC2 monitoring with the Unified CloudWatch Agent

Shipping logs and metrics from an EC2 instance to CloudWatch was painful in the past. By default, you only get metrics about CPU utilization, disk and network IO. The missing pieces are metrics about memory and disk usage and logs. Plenty of different o...

Read more

What's the best AWS Compute option for your project?

There are many good reasons why you should move to the cloud and AWS in particular. Benefit from the latest innovations or consume sophisticated technology as a commodity (relational databases, Hadoop clusters, data warehouses, …) to lower your time to ...

Read more

EC2 Instances 2.0 - Time to Update Your Toolbox

Amazon Elastic Compute Cloud (EC2) has more than 13 years of public history and is one of the oldest AWS services. EC2 is a mature service that reinvented itself many times: From EC2 classic to Amazon VPC. From SSH access to AWS SSM Session Manager. Fr...

Read more

Combine CloudWatch metrics for Auto Scaling or to reduce costs

Every part of your AWS infrastructure emits utilization metrics. Amazon CloudWatch collects these metrics and allows you to visualize them as well as to define alarms. AWS announced an exciting new feature allowing you to combine multiple metrics recent...

Read more

Reduce your AWS bill with Savings Plans

We are getting used to consuming compute capacity on-demand. The pay-per-use model is an essential benefit of the cloud. However, the cloud provider has to build data centers and buy hardware in advance. Doing so requires capacity planning and upfront i...

Read more

EC2 Instance Connect is an insecure default!

Two months before, Michael wrote about why AWS SSM is a trojan horse. Shortly after that, AWS released EC2 Instance Connect, which is even worse. If you use Amazon Linux 2 or Ubuntu, the chances are high that everyone in your AWS account can SSH into ev...

Read more

Monitoring EC2 Network Utilization

This post was originally published on the marbot blog. Are you monitoring the network utilization of your EC2 instances? Why not? The network is one of the rare resources that will limit your workload’s maximum throughput: CPU Memory Network Disk GPU...

Read more

Goodbye SSH, use AWS Session Manager instead

SSH is great. But the AWS Session Manager - whose full name is AWS Systems Manager Session Manager - matches the needs for interacting with your EC2 instances even better. BenefitsYou should think about replacing SSH with the AWS Session Manager becaus...

Read more