CloudFront deployments with Lambda@Edge

A/B Testing, Blue/Green deployments, Canary releases. Different, but still so much in common. They all have different purpose but are using basically using the same technical solution under the hood. We do these kind of tests for several reasons. One is to do a A/B test and determine what version our users like the best. Sure it is possible to do A/B testing on the client side, but personally I find it easier to do server side.
Blue / Green and Canary deployments are done to make sure a new version of the application work as we expect and give us an easy way to roll back to previous version in case of a problem. All of these are important practices in the DevOps culture.

6 min read

A tale of an CloudFormation import

Infrastructure as Code is one of the most important practices when it come to automation and DevOps. Even though more and more teams and companies enforce that setup of all infrastructure should be automated and defined as code, you can still run into key resources that have been setup manually. Several tools like CloudFormation or Terraform allow you to import manually created infrastructure. Is the process straight forward? Can everything just be imported out of the box? Recently I run into the need to import resources into a CloudFormation stack, this is my tale.

5 min read

AWS Lambda Extensions - Part 1

In the beginning of October AWS released Lambda Extensions. A new way to customize your Lambda functions. There are two different types of Extensions, external and internal. Internal Extensions run in the same process as the Lambda function while external Extensions run in their own process.

6 min read

Vending Machine for AWS accounts.

To separate different workloads, environments, playgrounds, lab areas, from each other the preferred way is to use separate AWS accounts. AWS Organizations offers a nice way to handle all of your AWS accounts from a single locations. Creating and managing the accounts in a manual way can be a time consuming work. I needed a way to be able to manage the accounts and to setup resources in the accounts at the time of creation in an automatic way.

5 min read

Temporary credentials, made easy

I started to write this post almost a year ago but for some reason I never finished it.
I have been using the small tooling, easy-aws-credentials (EAC), since I started the post.
Now finally I decided that it was time to clean up the tool, release it, and finish the post.

4 min read

AWS CDK - First impression last

A couple of weeks ago I decided to give the AWS CDK (Cloud Development Kit) a go. It had just become general available and the support for Python was in place.

6 min read

This is not the bastion host you are looking for

This is not the bastion host you are looking for!
A common way to get ssh access to EC2 instances in a VPC would be to go through a hardened bastion host. Does it sound familiar? Most people use this pattern, it has been around for like forever.

6 min read