Discover and read the best of Twitter Threads about #aws

Most recents (24)

AWS IAM is having issues again. #aws #iam us-east-1 Second time in a week.
@AWSSupport stop breaking #IAM
Going on 25+ minutes and no acknowledgement of #aws @AWSSupport #iam outage in us-east-1. "EC2 is also Unable to execute HTTP request: Connect to iam.amazonaws.com [iam.amazonaws.com/205.251.242.222] failed: connect timed out" We are hosed.
Read 5 tweets
1/ .@kimmytaylor I’m not on the reply list but wanted to share my story (and will answer your question at the end). I joined AWS as a PM ~9 years ago. CS undergrad, did brief stints in consulting and finance but wanted ownership. Enter startups. Also, my first tweet thread!
2/ Went out for happy hour on a Tuesday with three friends in 1999 and a week later, we all quit to try and start a company. We had a number of good ideas but joined other (way more experienced) friends to co-found our first one and moved from Boston to the Bay Area
3/ This company was Quova - IP->Geo mapping. Looking back, I was clueless, not dumb, and I cared. Had an awesome time and learned a ton. After that, post bubble, bounced around a bit but ended up working for great founders and people (@AndySack and @crashdev) in Seattle
Read 18 tweets
Today I'd like to share some reflections arising from the latest announcements and my experiences on client projects with #infrastructureascode on #AWS. Let's get into it 👇
I have always felt more drawn to the declarative approach because of its false sense of control and order, but with large configurations, being able to refactor the code into your own abstractions and modify their definition/parametrization with code has been decisive
In that sense, #cloudformation as such has always seemed pretty crazy to me, and more of a low-level format than anything else. In general I always work with tools that generate it, such as #serverlessframework or #amplify
Read 18 tweets
Choosing the right tech stack is one of the most important decisions when building a software product.

The ability to scale quickly depends on many factors but having the proper tech stack may be the most important one.

(Thread) 👇
1/ Tech stacks not only impact the scalability in terms of performance but also provide flexibility and agility to evolve the product, ease the development of ecosystems, and attract and retain talent.
2/ I am sharing in this thread, some of the components of our tech stack at @intraway that are working great for us.
Read 16 tweets
We spotted a new #AWS coin mining attack this weekend. Here's some of the interesting observations 🔎🔎🔎

📍Attacker had root access
📍Spun up 10 c5.4xlarge EC2s
📍Brought their own SSH keys 👀
📍Bot framework written in Golang

More tidbits 👇
It's entirely possible that the root access key was scraped and passed off to the bot to spin up miners right before this was detected, but didn't see any CLI, console or other interactive activity fortunately.
Attacker definitely wasn't worried about setting off any sort of billing/performance alarms given the size of these EC2s 😬
Read 9 tweets
(1/4) Startups or individuals looking for free cloud credits? Here is the thread in which I have shared some of the top players in cloud services providing free credits to users and startups. This is the time Start Coding. Resources are there.
#startupindia #IndiaPushesBackChina
1. #AWS: Free one year of limited usage for anybody with AWS Free tier. Just create a new account and enter payment details. Free tier includes aws.amazon.com/free/
Also, #awsactivate gives a lot of free credits to startups: aws.amazon.com/activate/
@awscloud @AWSstartups
2. #Azure : Free one year of again the limited usage(including some AI-based services) to anybody, with Rs. 13,300 as free credits:
@Azure @Microsoft @msdevindia #Microsoft
Read 5 tweets
This week's thread on #images by
chief @souvikdg. When it comes to #performance images play a big role. (1/11) #ContentWeb
@souvikdg #Images occupy large visual space in most #websites. They are also among the heaviest network payloads. On average, images account for about 50-60% of page weight i.e. bytes transferred to load a #webpage. (2/11) #ContentWeb
@souvikdg Two main aspects of image-related optimizations are:
1. Optimizing #image properties: size (scaling or cropping), format, quality and compression.
2. Optimizing #network/requests – fewer requests (sprites, base64encoded URLs), #CDN, lazy loading, caching, etc. (3/11) #ContentWeb
Read 12 tweets
🔥 AWS Lambda Powertools for Python is now GA 🔥

We're now GA with four utilities

🌟Core: Tracer, Logger, and Metrics
🌟Bring your own middleware

Core contributors: @Tom_McC @NMoutschen

More details in this 🧵

#serverless #aws #python
github.com/awslabs/aws-la…
Last year I was fortunate enough to speak at re:Invent about Serverless Architectural Patterns and Best Practices

That preceded the work we've been doing with the AWS Well-Architected Serverless Lens since 201, however there was to it than patterns..

At the end of the session, after lots of water, if you watched ;), I talked briefly that Patterns are important to understand what worked well but we shouldn't hang to it as the ultimate truth

That was the hook for the Serverless Lens that came later

aws.amazon.com/blogs/aws/new-…
Read 11 tweets
I have spent quite a bit of time with AppSync on a few projects, and it's really grown on me, big time. So much of what's difficult with API GW comes out-of-the-box.

Here are 5 things that really stood out (a long form blog post to follow soonish)

#serverless #aws #graphql

1/
1. Cognito group-based authentication.

This is a big undertaking with API GW, you have to assign IAM roles to groups, set precedence order, then write a custom auth Lambda func & generate policy yourself.

With AppSync, it's built-in, literally a one-liner!

2/
2. Request & response validation.

With API GW you need to set request model (not bad) but there's no response validation (the response model is only used for doc generation) so you have to roll your own.

With AppSync, it's just how GraphQL works, no extra work required.

3/
Read 11 tweets
A really good Q during the last Q&A session of my Production-Ready Serverless workshop. Thought I'd share it here.

Q: "I have a nightly task that load some data from RDS and then write it to S3, should I have 2 functions for this with API between them?"

#serverless #aws

1/14
I always start from the simplest solution and go up from there, and stop at the least complicated solution that meets all my criteria.

In this case, if everything can be done within the 15 mins limit, I see no reason to split the functions.

Follow the KISS principle.

2/
But, there are many reasons to split the steps into multiple functions.

E.g. to increase parallelism, you may split the task up into many small tasks, and fire off an invocation (separate function) to handle each.

Which means you need some sort of queue, but which?

3/
Read 14 tweets
I passed the #AWS SA Pro exam a few days ago, and got some great comments from people, so thought I’d write up my approach to hopefully help others. The full post is below, but there’s also lots of great resources on Twitter #AWSCertified 1/5
teachmyselfcloud.com/post/aws-sa-pr…
Identity is critical and you won’t pass without a solid understanding. There are some amazing talks available online by @bjohnso5y. Give her a follow along with @mchancloud, the Developer Advocate for @AWSIdentity 2/5
#Database #freedom is important and you need to know your columnar from key-value from relational. For some reason #QLDB doesn’t feature that heavily yet, but it’s worth a deep dive into @dynamodb so make sure you follow @alexdebrie and @rickhoulihan as a minimum 3/5
Read 6 tweets
TIL that #AWS S3 event notifications --> SNS still don't provide the opportunity to configure static message attributes to provide native S3 events to SNS topic filtering 😐

I would really like to see this added as a feature.
The reason I would like this feature is so that I could use S3 as an event hub so to speak. Producers can write events to S3, use event notifications to push to a single SNS topic, consumers can use Message Attributes to filter to just the messages they want.
The workaround is that producers write their event info to S3 and then call the SNS topic directly with the S3 path + Message Attributes to provide filtering. But this means defining a custom event object that now consumers have to know how to parse.
Read 3 tweets
A lot of people are intimidated by cloud security...that fear of the unknown. I used to be (and not long ago..) but it's actually not that complicated. Here's a few things to do to get started with #aws security from a blue team perspective 👇
Understand the basics. Learn the foundational services (EC2, VPC, RDS, EKS, Lambda)…AWS has tons of free training and documentation.
Learn IAM. Protip: it’s not Active Directory so there’s a learning curve but once you start to understand this, then it all will start to click (security-wise).
Read 6 tweets
Look what I just found floating around on Github! #Graviton2 #AWS

github.com/aws/aws-gravit…
am really curious whether anything needs to be done to get Golang to generate v8.2 rather than v8.0 instruction set... or whether there's any perf gains there...
Aha, looks like golang reads HWCAP. github.com/golang/go/blob…
Read 3 tweets
Highlights from chasing an attacker in #AWS this week:

Initial lead: custom alert using #CloudTrail
- SSH keygen from weird source
IP enrichment helped
Historical context for IAM user, "this isn't normal"
#GuardDuty was not initial lead
- Did have LOW sev high vol alerts
Attacker tradecraft:
- Made ingress rules on sec groups that allowed any access to anything in VPC
- Interesting API calls: > 300 AuthorizeSecurityGroupIngress calls
- Spun up new ec2 instance likely to persist
- Mostly recon - "What policy permissions does this IAM user have?"
Investigations:
Orchestration was super helpful. We bring our own.

For any AWS alert we auto acquire:
- Interesting API calls (anything that isn't Get*, List*, Describe*)
- List of assumed roles (+ failures)
- AWS services touched user user/role
- Gave us answers, fast
Read 4 tweets
#Corona benefits.

A thread (will be continually updated).
@pluralsight #FreeApril offer::
Build in-demand tech skills without leaving your house. Get free access to 7,000+ expert-led video courses and more all month long.

pluralsight.com/offer/2020/fre…
@Codecademy #students offer::
Codecademy Pro for free to high school and college students across the world for the rest of the school year.

pro.codecademy.com/learn-from-hom…
Read 20 tweets
What's it like working as a Support Engineer at @honeycombio ?
A THREAD
First off, our users are _amazingly savvy_ developer and SRE-types. I've honestly never encountered a sharper group. They read the docs and ask excellent questions. Overall, our customers are the most delightful part of the job!
Today our first line of support is the awesome @zerotabs, who handles incoming requests via @intercom as well as our Slack community (Honeycomb Pollinators). Support@ email is routed to Intercom.
Read 10 tweets
From a recent @martin_casado article posted on @a16z:

"Cloud infrastructure is a substantial – and sometimes hidden – cost for AI companies".

I'm sharing the techniques we use at @FloydHub_ to reduce this cost on #AWS and improve our gross margins [Thread] #ML #AI
0/ Not all AWS regions are priced the same. GPUs can be up to 90% more expensive across regions. Other than cost consider these when picking your AWS region: proximity to your geographical location, compliance requirements, and integration with any existing AWS infrastructure.
1/ Reserve your GPU instances and/or purchase Savings Plans. Review your GPU usage for the last 3-6 months and purchase 1-year plans based on that. Gives you 25-30% savings on your GPU bill.
Read 12 tweets
Excited to learn more about #AWS Eventbridge from @sheenbrisals! #AWSCommunityDay
Definition of Event'utal' Confusion by @sheenbrisals 😄
Routing rules is the power of Eventbridge. @sheenbrisals #aws
Read 8 tweets
Predictions are useless but predicting is invaluable (scenario planning)
@profgalloway #2020predictions
#Snap is less corrosive / damaging to teens
#Tesla trades at 3x the value of auto companies, worth more than Ford & GM combined, dramatically overvalued
#SherylSandberg 2nd best paid person who does the most damage (after Zuck)—she's erased from FB like Trotsky from photos
#HBOMax = like going to the Louvre & saying "let's scale this"—biggest brand blunder of 2018
#AWS is worth more than #Amazon—will be spun out
Choice is a bad thing, people want less choice but to be confident in the choices they're making
Read 9 tweets
📚tl;dr sec 19
* @shehackspurple & @j_opdenakker on getting into security
* Google's BeyondProd & code provenance (thx @MayaKaczorowski)
* Cloud, API, and file access bug security tools

... and I've got something big planned next week, stay tuned 🤫

tldrsec.com/blog/tldr-sec-…
Static analysis tools to find security issues in:

🌎Terraform scripts:
* github.com/liamg/tfsec
* github.com/bridgecrewio/c…
* github.com/cesar-rodrigue…

☁️CloudFormation templates:
* github.com/Skyscanner/cfr…
* github.com/stelligent/cfn…
Other #security tools:

Docker container that wraps 7 other #AWS security tools:
github.com/z0ph/aws-secur…

Automatic API attack tool that takes API specs as input:
github.com/imperva/automa…

Finding file access bugs:
github.com/google/path-au…
Read 4 tweets
I've been using #AWS for 8+ years now, so IAM is relatively second-nature to me. But I just sat down to explain it to someone new to AWS and... wow, it is a confusing service. (thread) #aws #cloud #security #cloudcomputing
First, we've got policies - what can the role do and what services can it access? Policies are JSON-based (although AWS added a "friendlier" UI recently, which honestly creates some really confusing output). Most common security mistake here: using wildcards.
An IAM user or role can then have multiple policies, each with 1+ statements. Policies can be inline, AWS-managed, or account-managed (i.e. shared). Policies can be attached directly to users or roles or to the groups those users are in.
Read 9 tweets
Q: What is Wavelength? AWS Wavelength provides developers the ability to build applications that serve end-users with single-digit millisecond latencies over the 5G network. Wavelength embeds AWS compute and storage services at the edge of telecommunications providers...
5G networks, enabling developers to serve use-cases that require ultra-low latency like machine learning inference at the edge, autonomous industrial equipment, smart cars and cities, Internet of Things (IoT), and Augmented and Virtual Reality. Wavelength brings the full power of
AWS to the edge of the 5G network, so customers can deploy the portions of an application that requires ultra-low latency to mobile and connected devices using the 5G network, and then seamlessly connect back to the rest of the application and the full range of cloud services
Read 9 tweets
It is not possible to create a customer-centric product without culture and tooling. - @MarcJBrooker #reinvent
#DevOps is about a loop - @MarcJBrooker
@MarcJBrooker This loop can get broken if you refuse to analyze failures. Most of the time it is broken because we don't change that particular culture. - @MarcJBrooker #reinvent
Read 21 tweets
