https://tferdinand.net/en/categories/aws/Recent content in AWS on Teddy FerdinandHugoen-USFri, 30 Oct 2020 15:34:38 +0000https://tferdinand.net/en/aws-iam-between-dream-and-nightmare/Sun, 16 Aug 2020 04:51:07 +0000https://tferdinand.net/en/aws-iam-between-dream-and-nightmare/<p>I have been using AWS professionally for over 4 years now.</p> <p>To be a bit old-fashioned, when I started on AWS, the following services and features did not exist:</p> <ul> <li>The ALB/NLB</li> <li>ACM</li> <li>ElasticSearch Service</li> <li>Lambda inside a VPC or with the duration of more than 5 minutes</li> <li>ECS/EKS/ECR</li> </ul> <p>During these 4 years, I had the opportunity to do a lot of IAM, essential to deploy secure solutions on Amazon.</p> <h2 id="iam-and-least-privilege">IAM and least privilege</h2> <p>Identity and Access Management (IAM) is the AWS service that defines users or roles and their associated permissions.</p>https://tferdinand.net/en/accelerate-the-test-of-your-lambda-functions-with-docker/Mon, 27 Apr 2020 06:00:00 +0000https://tferdinand.net/en/accelerate-the-test-of-your-lambda-functions-with-docker/<p>Lambda is a very powerful AWS tool. Executing scripts in serverless mode drastically reduces the cost and complexity of managing a scalable infrastructure, however, testing its functions directly on Lambda can sometimes be frustrating as it requires round trips between the development station and the AWS environment.</p> <p>There are testing features built into the AWS toolkit for the most popular editors (<a href="https://aws.amazon.com/visualstudiocode/">for Microsoft Visual Studio Code</a> / <a href="https://aws.amazon.com/pycharm/">PyCharm</a>, for example), however, this restricts the possible editors and creates an adherence that is not particularly desirable.</p>https://tferdinand.net/en/understanding-the-success-of-the-serverless-model/Thu, 19 Dec 2019 12:30:30 +0000https://tferdinand.net/en/understanding-the-success-of-the-serverless-model/<p>Anyone who has ever done infrastructure on a cloud provider has already heard of the serverless model, behind this name is actually hiding many aspects. Let&rsquo;s take a look&hellip;</p> <h2 id="the-serverless-model-logical-evolution-of-containers">The serverless model: logical evolution of containers?</h2> <p>For several years now, we have been talking about containers. A revolution over the last 5 years, containers (and orchestrators) have profoundly changed the approach to infrastructure, allowing applications composed of microservices to be deployed more and more simply and quickly. I won&rsquo;t talk about this evolution here.</p>https://tferdinand.net/en/terraform-vs-cloudformation-which-tool-to-deploy-on-aws/Fri, 13 Dec 2019 11:00:00 +0000https://tferdinand.net/en/terraform-vs-cloudformation-which-tool-to-deploy-on-aws/<p>Terraform or CloudFormation, the two tools are often pitted against each other, asking DevOps to decide and choose one tool or the other. However, from my point of view, these two tools do not necessarily address the same needs.</p> <h2 id="asking-the-question-of-ones-exact-need">Asking the question of one&rsquo;s exact need</h2> <p>Before knowing which tool to go to, it is important to know the exact need to be addressed:</p> <ul> <li>Do I want to deploy only on AWS?</li> <li>Do I need to interface with existing tools (especially CI/CD)?</li> <li>Do I want to host the deployment solution myself or depend on a managed service?</li> <li>Do I already use other tools from the HashiCorp ecosystem (Nomad, Packer, Consul or Vault for example)?</li> </ul> <p>Indeed, with these questions you can already target the tool you want to use more easily.</p>https://tferdinand.net/en/linux-without-ssh-it-s-possible-with-amazon-ssm/Thu, 18 Jul 2019 07:10:54 +0000https://tferdinand.net/en/linux-without-ssh-it-s-possible-with-amazon-ssm/<p>In a computer park with linux machines, SSH is something classic. Very often scanned, regularly badly secured, it is also a possible entry point for attacks. Moreover, the problem of SSH traceability often pushes companies to set up specific processes.</p> <p>On Amazon, it has been possible since last year to log in using SSH without the need for a key, login or password&hellip; and without SSH.</p> <h2 id="ssm---systems-manager-agent-amazon-style-configuration-manager">SSM - Systems Manager Agent: Amazon-style configuration manager</h2> <p>Amazon makes it easy to deploy server fleets, however, deploying a server is easy, maintaining it is not necessarily. Many companies will probably choose to use Ansible, Puppet, Chef or another manager configuration.</p>https://tferdinand.net/en/migrate-your-infrastructure-to-aws-in-an-optimal-way/Fri, 12 Apr 2019 12:39:56 +0000https://tferdinand.net/en/migrate-your-infrastructure-to-aws-in-an-optimal-way/<p>The Cloud appears to be an Eldorado for many companies: simpler application deployment, cost reduction, use of innovative technologies, so many advantages that Amazon promises to its potential customers, but is it that simple?</p> <p>AWS, and the cloud more generally, can be an excellent lever on the points mentioned above, however it is quite easy to lose feathers. In this article, I will list what, for me, seems to be the mistakes to avoid.</p>https://tferdinand.net/en/aws-summit-2019/Thu, 04 Apr 2019 18:27:27 +0000https://tferdinand.net/en/aws-summit-2019/<p>I was at the AWS Summit in Paris a few days ago. For those of you who don&rsquo;t know this event, it&rsquo;s a full day of conferences around Amazon&rsquo;s cloud, AWS. This meeting is quite interesting because it allows us to get feedback from a lot of companies coming from different backgrounds.</p> <p>I was going for the second time, the first time being in 2017. I was waiting for this day given the announced conference schedule.</p>