AWS has released a new version of the metadata service that will better secure
instance metadata against attackers. In this post, I will discuss the risk of hackers
gaining access to the instance metadata service and how the latest update mitigates the risk.
I have been on the ground in many different phases of cloud migrations and have witnessed the many perils associated. In this post, I will talk about the different issues I have experienced first hand with customers going through a cloud migration.
Many people are moving to utilizing Function as a Service (FaaS) offerings
to deploy their applications to the cloud. How do we take advantage of the
benefits of FaaS while mitigating the risks associated with vendor lockin?
What if we want to deploy across multiple cloud providers? In this post, I
will be discussing how to isolate your vendor dependencies in a boundary
layer when writing serverless applications.
Using a combination of S3 and CloudFront, hosting a static website in AWS is simple and very affordable. In this post, I discuss the architecture of such a solution and the reference implementation I have created to get you started.
Previously I discussed how to prevent a security incident similar to the one that occurred at Capital One earlier this year. In this post,I will expound further on what went wrong there from a data protection perspective and make recommendations on how to protect your data hosted in S3.
This week a massive data breach at Capital One was announced. In this
case, an internal actor was able to presumably use insider information to gain access to data stored in S3. In this article I will examine this data breach and provide best practices to prevent this from happening to your organization.
CDK, CloudFormation, and Terraform are frameworks for managing cloud infrastructure using code. In this post, we will look at these options, compare and contrast them, and discuss what types of organizations should use take which approach.
AWS Marketplace empowers users to get quickly started using many products and services in AWS. However, proper
governance should be put into place to approve said products. In this post, we will discuss using AWS Private
Marketplace as an integral step in an approval process.
Modern, best of breed, continuous integration tools allow developers to
define their delivery pipeline as code and store it in the repository
alongside the application source code. Doing so allows you to manage
your pipeline much like you would your application source code. In this
post, we will go over how to accomplish this using AWS CodeCommit,
AWS Lambda, AWS CodePipeline, and AWS CloudFormation. This approach will
also enable branch-based builds for CodePipeline, a large gap in the
CodePipeline feature set currently.