#highlight | Highlight (1)

Our favorite blog posts handpicked for you.

Review: AWS Fault Injection Simulator (FIS) – Chaos as a Service?

AWS allows us to run applications distributed across EC2 instances and availability zones. By adding load balancers or message queues to the architecture, we can achieve fault tolerance or high availability. But how can we test that our system can survi...

Cheap, Durable, Fast. How to choose an EBS volume type?

Elastic Block Storage (EBS) provides solid state drives (SSD) and hard disk drives (HDD) for EC2 instances. The virtual machine accesses the persistent storage via the network. In December 2020, AWS announced another volume type called General Purpose S...

How to Become an AWS Certified Solutions Architect

In 2012, I created my first AWS account. Back then, I worked as a software engineer and was looking for a way to deploy an online trading platform. Two years later, I attended re:Invent — the yearly conference organized by AWS — in Las Vegas for the fir...

What's the CO² footprint of your architecture?

Fighting climate change is one of the biggest challenges of our days. When designing an architecture, there are many important factors to consider: security, reliability, performance and costs. I’d like to add another factor to that list: the CO² footpr...

3½ ways to workaround missing CloudFormation support

Are you following the Infrastructure as Code approach using CloudFormation? If so, I bet you encountered a situation where CloudFormation misses support for a service’s latest features. I run into those issues weekly! So what can we do about it? Do yo...

Unusual AWS Architectures

AWS provides many building blocks. As architects, we have to choose the right building blocks to construct our systems. But sometimes, the proper building block is not available, and we have to make compromises. In this blog post, I show four unusual AW...

Amazon EventBridge versus Amazon SNS: What's the difference?

Amazon EventBridge (formerly CloudWatch Events) and Amazon SNS provide a way to send events to multiple subscribers. From a high-level perspective, both services are similar. This leads to the question: But how are they different? What advantages do the...

Comparing API Gateways on AWS

Of the different API gateways offered by AWS, which option fits your needs? An API Gateway is “a server that acts as an API front-end, receives API requests, enforces throttling and security policies, passes requests to the back-end service, and then pa...

Getting started with IPv6 on AWS

In mid-2019, AWS paid ~$108M to access 4 million IPv4 addresses from Amateur Radio Digital Communications - $27 per IP address. The reason why AWS spends so much money on IPv4 addresses is simple: There are no free IPv4 addresses that regional internet ...

Unboxing Amazon Timestream

My first job after graduation in 2011 was all about time-series data. My first task was to connect an exchange data feed with our on-premises time-series database (we used kdb+ by KX Systems). Whenever the exchange matches a buyer and seller, a trade is...

Caching on AWS 101

Oftentimes, the idea of adding a caching layer arises when users start complaining about the performance of an application. Adding a cache to your architecture does not solve all problems — especially when implementing that change under pressure to fix ...

Have you replaced IAM Users with AWS SSO yet?

The most secure option to isolate workloads from each other is to use multiple AWS accounts. Many organizations use different AWS accounts for testing and production, for example. The more AWS accounts you use, the more complicated it gets to manage use...

Record AWS API calls to improve IAM Policies

Have you ever looked at an IAM policy and wondered: Is it really necessary to grant access to this specific action? Or do you need to know which API calls a legacy or 3rd party application is actually sending to come up with a secure IAM policy? CloudTr...

NoSQL on AWS: Document-Oriented Databases

A document-oriented database stores keys mapped to JSON documents. You can query all documents in such a document-oriented database and retrieve only parts of documents to save network bandwidth. This is a cross-post from the Cloudcraft blog. A data ...

Review: AWS App Mesh – A service mesh for EC2, ECS, and EKS

It seems to me like everyone is talking about service meshes these days - definitely a hot topic in the world of containers and microservices. A service mesh promises reducing latency, increasing observability, and simplifying security within microservi...

10 Obstacles for Lift & Shift Architectures

The cloud is not only about greenfield projects. Over the last few years I have accompanied several enterprises in large migration projects from on-premises to the Amazon Web Services (AWS). This blog post gives an overview of typical obstacles for lift...

How do you choose the best storage option on AWS?

Choosing storage service is critical when designing a cloud architecture. Read on to learn about the characteristics, limitations, typical use cases, and a decision tree for the following options to store data on AWS: Instance Store provides low latenc...

Use multiple AWS accounts, but keep it simple!

Getting started with AWS is a challenge. Unlimited possibilities, competing solutions, and distractions. Even the first step to create an AWS account requires careful planning. AWS marketers promote the AWS Landing Zone solution. Consulting partners add...

Messaging on AWS

Previously, I compared all database options offered by AWS for you. In this post, I compare the available messaging options. The goal of messaging on AWS is to decouple the producers of messages from consumers. The messaging pattern allows us to process...

Containers vs. Serverless: Thoughts About Your Cloud Strategy

There are many ways to build on AWS. When shaping the strategy for your organization, the following two options should be on your shortlist. Containers: Package your source code into containers and leverage AWS’s fully-managed services, providing the c...