External terraform modules can speed up IAC deployments, promote code reuse, and let us do things more consistently. In this post, I will demonstrate 2 ways to use an external module.
External terraform modules can speed up IAC deployments, promote code reuse, and let us do things more consistently. In this post, I will demonstrate 2 ways to use an external module.
In this demo, I will use Cloudformation StackSets to create an IAM group in all accounts.
If you have 10s of security group rules, it’s not effective to use aws_security_group_rule directly. Here I use a map and feed it to a module.
Recently, I’m tasked to transfer a set of AWS accounts to another cloud service provider. I realize there is not a simple way to capture the organizational tree structure. Knowing the tree structure is quite important in understanding the net effects of SCP. A python script is developed to solve this problem.
In this example, I will deploy a software router between Internet Gateway and a workload EC2 instance. All traffic will be routed through the software router. With this setup, I can gain visibility on network traffic. I can also control the traffic with iptables, such as rate limit certain type of network requests.
AWS Migration Hub provides a set of tools for planning your migration to cloud. An agent needs to be installed either inside the OS or on the hypervisor. Captured usage will be used to make recommendation on migration approach and even sizing. In this example, I will put agents to 2 Linux VMs and then…
If you ever need to take over management of an AWS farm, it’s very likely you will need to attach SG to all instances. Be that for monitoring or access. Here is a bash script to add 1 SG to all instances. You will need to first setup a profile on awscli. Then run the…
AWS introduced 5th-generation EC2 instances in selected regions. These instances live on Nitro which is KVM based. These c5 and m5 instances are faster yet cheaper. The switch however cannot be done by a simple instance type change.
ALB is a layer7 load balancer on AWS. It offers more features than ELB. You can find out more about it on https://aws.amazon.com/elasticloadbalancing/applicationloadbalancer/ Recently, I was asked to look into a random 504 issue with ELB. Because there is not a lot to configure on ELB and it’s pretty much a black box, I wasn’t…
Check out my recent wiki page on how to schedule snapshot backups on AWS using Lambda. https://www.headdesk.me/Lambda Lambda is much more powerful then this. Using it together with S3 / SNS / SQS / etc allow deployment of business applications / workflows truly on cloud.