During some R&D for a new blog post, I experimented with IAM conditions in Trust Policies. Some small mistakes during this led to instances that have limited privileges according to the AWS Web Console and CLI. But in reality, they can work with administrative permissions for a few hours - unnoticed. Have I piqued your interest? Let’s see how to reproduce this effect then.
Working with CSV files and Big Data tools such as AWS Glue and Athena can lead to interesting challenges. In this blog I will explain to you how to solve a particular problem that I encountered in a project - the HIVE_PARTITION_SCHEMA_MISMATCH.
Lambda Event filters are a great addition to our serverless toolbox and allow us to both simplify our code as well as save money. That’s great, but they can also delete messages from your SQS-queues if you’re note careful. In this post I’m going to show you what to watch out for.
Detect the crack in the window (or the lambda library) before it breaks: As we have seen during the last month, also well known libraries like log4j can have previously unknown vulnerabilities. Therefore scanning your Lambda application before deploying is not enough! What happens if a new cybersecurity vulnerability occurs while your functions are running? Solution: Amazon Inspector. Only problem: it`s not available for Lambda yet. Fortunately, you can deploy Lambda with container images and Inspector will continuously scan these images for you. Want to know how set up Lambda & Inspector and see how evil Node vulnerabilities are detected? Read on!
In this post I’m going to explore how the new event filters in AWS Lambda can be used to implement the data model for a video streaming website in DynamoDB. I’ll explain why this feature makes your code simpler and allows you to save money in the process.
The CDK Book The CDK Book “A Comprehensive Guide to the AWS Cloud Development Kit” is a book by Sathyajith Bhat, Matthew Bonig, Matt Coulter, Thorsten Hoeger written end of 2021. Because the CDK itself is polyglott with jsii, the TypeScript examples are automatically translated in other languages. So the example CDK code used in the book is jsii generated, and there are samples for TypeScript, Python, Java and C#.
Over many years, we have now read warnings about the exhaustion of available IPv4 addresses. So far, there still seem to be ways and ideas on how to extend their lifetime (by approaching large organizations, using NAT, re-dedication of 240.0.0.0/4, and so on). Switching over to the much-dreaded IPv6 sounds easy, but even minor things can still cause problems. So what is the current state of AWS with this topic? And how did the landscape change during re:Invent 2021?
This post explains how you can ingest data from a MQTT broker such as VerneMQ into your data lake via IoT Core and Kinesis Data Firehose. We’ll set up a data processing pipeline from start to finish in Terraform.
