Blog category: AWS
Intrusion detection and prevention with AWS Lambda and DynamoDB streams
April 5, 2017 by Paulina Budzoń
Intrusion detection system (IDS) and intrusion prevention system (IPS) tend to be expensive and complicated. In AWS, you can go for much simpler solution - WAF. But that requires you to use Application Load Balancer or CloudFront. But even with WAF, you have to manage a list IP addresses of attackers that should be blocked. Or, if you only ever need to block single IPs for short periods of time, NACLs may be a much easier option! Here’s a walkthrough on how you can implement a terribly simple (yet very powerful) intrusion detection and prevention in AWS with Lambda and DynamoDB Streams for a web application.
Update on the deadline for AWS Specialty Beta exams
April 3, 2017 by Paulina Budzoń
If you’re still waiting for the results of the AWS Specialty Beta exams (Security, Big Data or Networking), you are not alone. The results and final versions of the exams were supposed to be released at the end of March. But March came and went, and we only got one small update from AWS.
AWS Certified Solutions Architect vs DevOps exams - my subjective comparison
March 27, 2017 by Paulina Budzoń
Last week, I finally had the time to schedule my AWS Certified Solutions Architect - Professional exam, which I passed on Saturday. It’s been a while since I did the other AWS Professional level (DevOps) certificate, but I thought I’d share my take on how the exams compare.
Bug in KMS: encryption key that cannot be deleted
March 6, 2017 by Paulina Budzoń
Recently, I noticed a weird KMS key on an AWS account - what was weird about it, was the fact that it wasn’t marked as AWS-managed key, but no-one (not even root) could delete or modify the key!
Creating Elasticsearch Domain did not stabilize - can't create AWS Elasticsearch 5.1 with CloudFormation
February 17, 2017 by Paulina Budzoń
Recently AWS announced support for Elasticsearch 5.1 in their Elasticsearch Service. Today, I tried to upgrade an existing CloudFormation stack, previously using Elasticsearch 2.3, to the new version and, after a very long wait, CloudFormation rolled back the stack with the following error: “Creating Elasticsearch Domain did not stabilize”. Here’s what I did to solve it.
