• Networking meets Agile Deployment

    You know the feeling when you get a new idea and would like to start building right away, and then run into the roadblock of getting IP addresses allocated for a new VPC. But unless you get a CIDR from the network team, it is likely you will have to tear down everything and start from scratch later when you want to connect with other services or internal networks. Or simply answering the question “how many IPs do you need?” isn’t possible because you are still evaluating different architecture options. Would it be possible to get the best of both worlds? Start independently, without risking future connectivity.

  • Do the CloudWatch Metric Math

    “CloudWatch Metric Math makes it easy to perform math analytics on your metrics to derive additional insights into the health and performance of your AWS resources and applications.”

  • Tunneling into VPC

    In Where is my bastion host? and EC2 Instance Connect vs. SSM Session Manager I wrote about how to connect to EC2 instances inside a VPC without having to run a bastion host exposed to the Internet, using the AWS API as the contact point instead. While this arrangement has many advantages over running your own server/service, there is still one important use case it cannot handle.

  • Building a Custom CloudFormation Resource Type

    CloudFormation resource types are real first-class citizens, comparable to any AWS-provided resources. The major differences from custom resources are the deployment model, where the AWS CloudFormation service takes care of executing the resource type code on your behalf, and the CloudFormation Registry for sharing and consuming resource types across multiple projects.

  • Rerouting Legacy Server IP Address

    In lift-and-shift migrations from an on-premises data center to AWS, you often find workloads that have been running for a fairly long time with minimal changes, and not all "modern IT" practices can be taken for granted. One such practice is using DNS to find a server's IP address.