Blog category: AWS

Don't panic! False-positives from GuardDuty and Network Load Balancer (NLB)

March 20, 2018 by Paulina Budzoń

If you’re keeping in touch with new services provided by AWS, you probably heard about new security monitoring tool: GuardDuty. You probably also noticed a whole new family of Elastic Load Balancers (v2), which includes Network Load Balancers (NLB). Deploying those two new services may generate some unexpected results - and here’s why.

Continue reading

Need help with Amazon Web Services (AWS)?

March 19, 2018 by Paulina Budzoń

Thinking of moving into the Cloud or already in it, but have some questions? We are happy to help! No question is too big or too small - we can offer help extending, modifying, auditing and optimising costs of your AWS operations. Whether you have a one-off problem, or need ongoing support, get in touch and we’ll find the answer for you.

Examples of problems we’ve already solved for our clients:

Continue reading

Complete code: automated EC2 snapshots and retention management

March 11, 2018 by Paulina Budzoń

Creating snapshots from EBS drives attached to your EC2 instances is the most basic way of backing up your data. While you have to be cautious when snapshotting running EC2 instances without restart, doing it regularly is a base of many disaster recovery plans. In the latest update to aws-maintenance repo on GitHub you’ll find a complete code and CloudFormation template that will make this as painless a process as possible.

Continue reading

Cross-region RDS recovery: encryption and Aurora support

February 3, 2018 by Paulina Budzoń

After my previous post about a complete code for automated RDS cross-region backup copy, some issues and new feature requests have been raised on GitHub (thanks for that!) - and with your help, support for encrypted RDS instances and Aurora Clusters have now been added!

Continue reading

Sharing encrypted AMIs between AWS accounts (using Python and boto3)

November 2, 2017 by Paulina Budzoń

Each Amazon Machine Image (AMI) holds information of the volumes and snapshots of those volumes that should be attached to instances created from that AMI. To protect the data on those snapshots, you can choose to encrypt them using KMS. Encrypting your data at rest is generally a good idea, though many companies choose to avoid encrypting their snapshots, because sharing such snapshots between different AWS accounts (for example, Test and Production accounts) can be difficult. That’s why I’m sharing details on how to make this as easy as possible (and automated!).

Continue reading