Posts
-
AWS caching options
AWS provides several ways to cache data depending on your use case and infrastructure requirements. In many cases, you don’t need to invent the wheel and can use a fully-managed solution that does not require significant code changes.
By caching at the appropriate layer, you can optimize latencies while minimizing unnecessary load to your backend services, allowing you to scale at a reasonable cost.
-
AWS S3 bucket creation dates and S3 master regions
While working on functionality that depended on AWS S3 bucket ages, I noticed that published bucket CreationDate values didn’t always reflect when the buckets were created.
For example, when I called the S3 ListBuckets API a few minutes after updating a bucket access policy, the CreationDate value returned for that bucket was the time that I had modified the policy rather than the time that I had created the bucket. This was also reproduced when using the AWS CLI via the
aws s3api list-bucketscommand. -
Choosing a logging library for Kotlin or Java AWS Lambda functions
There are a lot of logging libraries to choose from when writing AWS Lambda functions in Kotlin or Java. Since Kotlin is fully interoperable with Java, Kotlin projects have access to both Kotlin-based and Java-based logging libraries.
This post compares some of the major options and evaluates which are most suitable for Lambda functions.
-
Lessons learned from using AWS Data Pipeline
One of the projects I worked on last year had a requirement to sync daily snapshots of data from Amazon RDS to Amazon S3 in order to support other internal services that ingested from S3 data providers.
I decided to use AWS Data Pipeline since it seemed to be a good fit for our use cases and worked well in a proof-of-concept.
This turned out to be a less than ideal solution although it did the job, and I learned several lessons from the experience.
-
Lessons learned from playing Go
Managing too many choices
Go forces us to ask ourselves those all-encompassing questions:
What should I do now?
What things are most important to me?
What should I be focusing on?
Or combined into a more immediate, actionable form: What is the most important thing for me to do right now?
-
Investigating 'You don't have enough free space in /var/cache/apt/archives/' errors
I was recently having issues upgrading Debian Linux due to
You don't have enough free space in /var/cache/apt/archives/errors, and it took an hour or so to resolve the root cause of the issue (one program consuming far too much space). Hopefully this post will help cut down the debugging time for other people who run into this problem. -
Setting up secure AWS S3 buckets with CloudFormation
In this post I'll go over a few of the configuration settings that you can use to secure your S3 resources, with a base CloudFormation template at the end that you can play with and extend. -
Diving into the Essential Eight strategies to mitigate security incidents part 2: limiting blast radius and recovering
This is the second part of a deep dive into the Australian Cyber Security Centre’s Essential Eight mitigation strategies, following up on an overview of guides from the Australian Cyber Security Centre (ACSC), and a deep dive into the first four of the Essential Eight.
To recap, the Essential Eight are the ACSC’s top eight recommended strategies for mitigating security incidents. This post will focus on the last four mitigation strategies.
The Essential Eight are:
- Application whitelisting
- Patching applications
- Configuring Microsoft Office macro settings
- Hardening user applications
- Restricting administrative privileges
- Patching operating systems
- Multi-factor authentication
- Daily backups
For each of the highlighted strategies, I’ll review security controls from the Australian Information Security Manual (ISM), incremental steps to achieve them following the Essential Eight Maturity Model, and comments on the overall strategy.
subscribe via RSS