  • How to create a VPC (and delete it)

    AWS VPC is something you must have before you can start building services on AWS. In theory you can build some serverless applications using Lambda, S3 and DynamoDB and deploy them without a VPC, but pretty soon you will want to deploy other things that must go into a VPC.

  • How to disconnect an instance from VPC

    How do you disconnect or isolate an instance from a VPC? Typically you have the opposite problem: how to get two services talking to each other and figure out what is blocking the connectivity. But what if you need to disconnect a compromised instance from the VPC and terminate all established connections?

  • Routing to correct Network Firewall endpoint

    Deployment models for AWS Network Firewall, and part 2 covering the latest VPC routing options, explain in detail how AWS Network Firewall can be deployed in different routing configurations. While these are typically one-time tasks, I thought it would make sense to create a CloudFormation template for this because the setup has many components that are easy to misconfigure but difficult to debug.

  • AWS Amplify geo-block

    I was going to write a post about setting geo restrictions for your CloudFront distribution, but Andreas Wittig from Cloudonaut already did that, so I’m going to just link to his post. However, if you’re using AWS Amplify, like I do for this blog, you cannot directly modify CloudFront settings, as the distribution is not shown in the console.

  • Sharing AWS NAT Gateways

    AWS NAT Gateway is a great service that helps in building reliable networks. Scaling it, however, can become expensive when you have 100s of VPCs. That is, until I realised I had misunderstood a very critical bit of AWS pricing. This allows building network architectures that are not just more affordable but also better.