Blog

Bypassing CloudTrail and CloudWatch monitoring of AWS API

Since AWS released CloudWatch Logs and allowed for automated streaming of CloudTrail events into CloudWatch, monitoring API usage with CloudWatch metrics and alerts has become increasingly popular. It’s incredibly easy to set up and add custom alerts on almost any API event. But is it actually going to notify you when an unauthorized person gains access?

Simple MAC policy in FreeBSD

Mandatory Access Control (MAC) Framework is one of the less known FreeBSD features. Let’s take a look on how to use it.

Adding more nodes to Redshift cluster doesn't always mean you get more space

AWS Redshift is a big data storage (“data warehousing”) solution for analytics. Based on PostgreSQL 8, it can combine up to 128 largest nodes, giving you 2 petabytes for your data. Well, almost. You don’t get ALL that for your data.

Capsicum helpers

Sandboxing applications using capsicum can sometimes lead to repeating some common patterns and duplicating large amounts of code. Fortunately there is an easy solution.

AWS S3 storage classes pricing is not what you think

Since publishing this post, AWS reached out to us about the RR pricing. See bottom of the post for the update.

When storing data in S3, at some point everyone asks the question about storage classes. At first glance it looks more or less simple - if you’re accessing your data less often, or it’s not very important, you can pay less. Until you look into details, find all the asterisks and compare the actual numbers.