Persisting IPs With AWS ENIs in RHEL 7.4

I spent some time on this during the week, and there was some wrestling involved in setting up an Elastic Network Interface to be used with an autohealing EC2 instance. I thought it would be worth sharing the pattern in case someone has to design a service in a similar fashion. If designed correctly, a new instance will reassociate with the address in the event of an instance termination, and the consuming entities can keep querying the newly instantiated service on the instance. [Read More]

Useful JMESPath in AWS CLI

Thought I’d take the time to consolidate some of the learnings I’ve made along the way when making queries against an AWS account using the command line interface. Originally I came from a development background and did most of my automation scripts as a combination of Python 2.7, Boto3 and Fabric. While I still see these as having their place when managing complex objects or performing heavier string manipulation, I’ve found you can get a long way with a combination of Bash scripting, AWS CLI and CloudFormation templates. [Read More]

AWS Administration Cookbook

Big shout-out to Rowan Udell and Lucas Chan, who have released their new book AWS Administration Cookbook today. I had the pleasure of reviewing it; if you’re in development or ops and want to know how to professionally build infrastructure at scale in AWS, I highly recommend purchasing this book. The guys provide clear recipes that are backed by CloudFormation templates so that you can create the projects easily, understand exactly what is going on, and manage groups of AWS accounts concurrently. [Read More]

AWS DevOps Engineer Professional Certification: How I got there

In my off-time I’ve been studying for the AWS DevOps Engineer Professional Certification (exam blueprints can be found here). I have the SysOps Associate Certification and I wanted to keep pushing and learn as much as I could about the world’s leading cloud platform. Finally, last Monday I sat the exam and passed! Given this I’ll go over my exam preparation and tips, the impressions I had of it and hopefully yield some useful insights for anyone in preparation mode for this exam. [Read More]

Boto sessions and AWS multi-account

Generally when I’m writing an automation script for AWS resources, the action is isolated to the one account. Recently, I worked on a script that manipulated resources across multiple accounts. It’s good practice and a common pattern to host separate environments and resources in different accounts, unifying them then by creating a third. Users are assigned limited permissions in the third account; they can then take the step of assuming an IAM role to access the secure environments through a trust relationship with it. [Read More]

Vegas, re:Invent and great breakout sessions

It’s been a while since re:Invent happened, but in my defense it has been a very busy three months. Other than Christmas, New Year’s, taking some time off and working with clients, I had the opportunity to attend the recent re:Invent held in Las Vegas. Going to re:Invent in Vegas was an excellent way to catch what’s been happening in cloud technologies and what to keep an eye out for from the eponymous service provider. [Read More]

Lambda Pattern: Hopper

Reusable patterns for Lambda

Hopper:
1. A container for a loose bulk material such as grain, rock, or rubbish, typically one that tapers downward and is able to discharge its contents at the bottom.
2. A person or thing that hops.

A simple pattern I’ve been using lately when working with serverless architecture is what I’ve been calling a hopper, i.e. a Lambda function that takes as argument a path to some semi-structured data that can be iterated over then passed onto another Lambda function with the purpose of performing some well defined and isolated task. [Read More]

AWS Config and Resource Tags

An infrastructure piece I’ve been working on over the last fortnight is enforcing tags on resources in the AWS account environment. If you’ve worked in an Amazon account that hosts multiple environments with different resource types and jobs, you will know it can quickly become difficult to tell if some resource is necessary or not; it may have been created by another team member and no one remembers if it’s used anymore. [Read More]