Deploying Java Lambdas using AWS CDK and Maven

Java is one of the most popular language in use today. However, I have not run across a lot of people using Java with AWS Lambda or CDK. In this post, I will demonstrate how to deploy Java to AWS Lambda using AWS CDK and provide a sample repo structure to copy for your own purposes.

Managing Route53 DNS with Terraform and CDK in 100 LOC or less

An easier way to manage Route53 zones across multiple accounts

AWS CLI Cheatsheet

Useful commands to use with the AWS CLI

Reusing resources across multiple pipelines with AWS CodePipeline

One of the limitations of CodePipeline currently is that there is not a good way to use common components across multiple pipelines. You may want to do this so you do not have to duplicate buildspecs or other files to be used in different repositories. In this post, I will show a strategy for reusing artifacts across multiple pipelines.

Protecting your Instance Metadata

AWS has released a new version of the metadata service that will better secure instance metadata against attackers. In this post, I will discuss the risk of hackers gaining access to the instance metadata service and how the latest update mitigates the risk.

7 Reasons Your Cloud Migration Will Fail

I have been on the ground in many different phases of cloud migrations and have witnessed the many perils associated. In this post, I will talk about the different issues I have experienced first hand with customers going through a cloud migration.

Building a Cloud Agnostic Serverless Web Application

Many people are moving to utilizing Function as a Service (FaaS) offerings to deploy their applications to the cloud. How do we take advantage of the benefits of FaaS while mitigating the risks associated with vendor lockin? What if we want to deploy across multiple cloud providers? In this post, I will be discussing how to isolate your vendor dependencies in a boundary layer when writing serverless applications.

Hosting a Static Website in AWS with S3 and CloudFront

Using a combination of S3 and CloudFront, hosting a static website in AWS is simple and very affordable. In this post, I discuss the architecture of such a solution and the reference implementation I have created to get you started.

Further Decomposing the Capital One Incident

Previously I discussed how to prevent a security incident similar to the one that occurred at Capital One earlier this year. In this post,I will expound further on what went wrong there from a data protection perspective and make recommendations on how to protect your data hosted in S3.

Lessons Learned from the Capital One Data Breach

This week a massive data breach at Capital One was announced. In this case, an internal actor was able to presumably use insider information to gain access to data stored in S3. In this article I will examine this data breach and provide best practices to prevent this from happening to your organization.