• Apr 25, 2023 by Petri Kallberg

    Connecting Cloudformation with the rest of the world

    December 2020 I wrote about custom Cloudformation resource types. Back then I finished with a thought of resource type that could get attributes of resources regardless how they were created or maintained. I neved got back to this topic, until recently my colleague notified me there is now such a thing added into Cloudformation Community Registry Extensions.

  • Feb 11, 2023 by Petri Kallberg

    Drift Detection

    When the state of your IaC tooling and reality doesn't match, is the problem in reality or how the state is managed? I recently watched 2 presentations that got me writing this post about IaC and drift detection. The First one was Cloudonaut podcast where Michael Wittig described the conflict with Terraform and other tools that apply tags to resources. The Second one was Adam Jacob's "What if infrastructure as code never existed" ...
  • Nov 19, 2022 by Petri Kallberg

    AWS Organizations + Cloudformation

    AWS Organizations has been available since late 2016 but got the Cloudformation support just recently. Until now you had to write your own custom resources to manage accounts and organizations in Cloudformation, that then made you responsible of maintaining attached code and lambda functions. With the announced Cloudformation support, it is now possible to create, and to some extent manage, organizations tree, policies and AWS accounts in Cloudformation stacks without extra hassle.

  • Oct 13, 2022 by Petri Kallberg

    Closer look at AWS data transfer cost

    Please raise your hand (virtually) if you think AWS data transfer cost is difficult to allocate for applications or resources generating it, because data transfer can not be tagged. I was part of that group too, until recently. If that got you interested, here is another post in series of an old dog learning (not so) new tricks

  • Aug 7, 2022 by Petri Kallberg

    How to create a VPC (and delete it)

    AWS VPC is something you must have before you can start building services on AWS. In theory you can do some serverless applications using Lambda, S3 and DynamoDB, and be deployed without a VPC but pretty soon you will want to deploy other things that must go into a VPC.