Tips for your AWS Cloud Infrastructure

Improve your security and enforce AWS Access Key rotation for IAM Users

Best practices say not to use AWS Access Keys, as they provide long-term access; instead you should use IAM roles. Unfortunately, there are times that require Access Keys and granting users programmatic access. The problem is that AWS doesn’t offer a solution to enforce rotating Access Keys, and such can […]

AWS remove unused Lambda versions

AWS provides the ability to version Lambdas and assign versions to Aliases, which can be beneficial when managing Lambdas with environments. For more in-depth information, please refer to the AWS documentation for Lambda-Versioning-Aliases. Each version of a Lambda consumes code storage space allocated by AWS, and depending on how many Lambdas, Versions, and your code […]

AWS – Automation process for updating newly released AWS AMIs

GOAL:  To describe a fully automated process that will create new AMIs when Amazon releases updated AMIs, utilizing AWS Lambda, VSTS Build, Packer, and Octopus Deploy. Amazon releases new AMIs (Amazon Machine Images) on a regular basis to incorporate security updates and feature enhancements.  AWS AMIs also expire, which means you can no longer deploy […]

Save money, delete your stacks using Lambdas and interactive Slack messages

I’ve used AWS Lambdas before, but never have I integrated Slack with Lambdas…until now. We use Slack a lot, and with it we are adding integrations to improve team communications and visibility. We also use AWS CloudFormation, which allows us to quickly and repeatedly launch entire environments. The templates are independent, which allows developers to […]

AWS Lambda function to remove terminated instances from Octopus server

Octopus Deploy provides machine policies which allow you to configure your Octopus server to remove machines automatically, but it only removes the machine if it is considered unhealthy. This is normally OK, but what if you want the cleanup to be near real-time? Especially if you launch a lot of instances using AutoScaling Groups. Or, […]

Using Chef to automate Octopus Deployments

If you are using Octopus Deploy to deploy your .NET code to your Windows servers and also using AWS Auto Scaling Groups, you may have come across some of the limitations of Octopus. Primarily, Octopus has no built-in process to deploy the current project release to a newly registered tentacle immediately upon the tentacle registration. […]

AWS – using SQS to cleanup Active Directory of terminated instances

If your Amazon EC2 instances are part of an Auto Scaling Group and are required to be joined to a Windows Domain, then maintaining a clean Active Directory environment may be an afterthought. EC2 instances can be terminated for a variety of reasons, and since they may terminate abruptly, their Active Directory objects may […]

AWS – Bootstrap Windows EC2 instance with Chef-Solo

If you have an environment like we do, fairly small and with few service layers, it may not make sense to provision a Chef Server. Luckily, we can still get the benefits of using Chef to configure our servers by using the included Chef-Solo. Chef-Solo will run entirely locally on the instance, therefore we must […]

AWS – Auto join EC2 Windows instance to Active Directory Domain

Some environments will require you to join your Windows servers to a domain. The following will show the steps taken to automatically join a server to a Windows domain. This assumes the following: an existing AWS VPC with access to an S3 bucket; new instances are able to communicate with a domain controller. NOTE: Amazon does […]

AWS – autoscaling and self healing NAT instance

Having your AWS-hosted services maintain high availability is often a top priority, and sometimes it's not as straightforward as we all would like it to be. Here I will describe how to create an “almost” highly-available NAT server. NOTE: This configuration is not 100% highly available. If you only have one NAT instance you […]