AWS Posts

Provisioning Custom CloudFormation Resources Using AWS Lambda

  • by Emre Yilmaz
  • Dec 15, 2017
  • AWS, Serverless, DevOps

AWS CloudFormation is the foundation of operational excellency on AWS. We code our infrastructure in JSON of YAML templates and test it as much as we need before deploying on production. It is simply infrastructure as code concept.

However, some new resources may not be supported by AWS at the same time they are launched. As of today, an example to these is Elastic GPU resource. The solution is to define a custom CloudFormation resource and attach this resource to a Lambda function which launches these resources. The Lambda function should also be in the same template and I will describe the process in this blog post. ... read more

Transferring Domain Registrations from GoDaddy to Amazon Route 53

  • by Emre Yilmaz
  • Dec 6, 2017
  • AWS, DevOps

Amazon Route 53 offers domain registration services and if you would like to keep your domains together like I do, you can transfer your current domain names easily.

In the past, I bough some domains from GoDaddy and generally use Amazon Route 53 as my DNS service. It is time to renew some of our domains and I decided to move them to AWS as they are extended 1 year automatically after the transfer. This will allow me to manage my domain names, as well as the services behind them all together on AWS. I will describe the process as a reference. ... read more

Controlling API Usage with API Keys and Usage Plans on AWS API Gateway

  • by Emre Yilmaz
  • Nov 28, 2017
  • AWS, Serverless
Contolling API Usage with API Keys and Usage Plans on AWS API Gateway

AWS API Gateway provides us to develop our own RESTful APIs and trigger AWS Lambda functions upon HTTP requests. I often use this architecture in my serverless applications and developed many APIs for my clients. With the help of API Keys and Usage Plans, we can define maximum request quotas and manage request rates while sharing our API with others.

Although API keys can never be considered as a full security measure as we often store these keys in client applications calling the API, usage plans can provide us to limit the API access and be sure that usage does not exceed tresholds we define. ... read more

AWS IAM Policy Conditions and Restricting Access by Availability Zones

  • by Emre Yilmaz
  • Oct 31, 2017
  • AWS

AWS Identity and Access Management (IAM) is the foundation service to manage security of your resources on AWS. Custom IAM policies feature allows us to define our own policies according to our needs instead of using AWS Managed Policies. Normally, it is a best practice to use managed policies whenever possible, because AWS updates them automatically when a new service is launched. However, assigning least privileges is the most important principle in terms of security and sometimes it is better to prepare custom policies.

Conditions in IAM policies allow us to tailor permissions and grant access to users if the resource meets specific conditions. In this post, I will show you how to use conditions in an IAM policy to grant users permissions to start/stop EC2 instances if the instance is in a specific availability zone. ... read more

Running AWS Lambda Functions in a VPC and Accessing RDS

  • by Emre Yilmaz
  • Oct 23, 2017
  • AWS, Serverless, Databases
Running AWS Lambda in VPC and Accessing RDS

AWS Lambda allows us running code without maintaining servers and paying only for the resources allocated during the code run. In most cases, we do not need to run our Lambda function in a VPC and it is recommended not to run in a VPC in these situations as a best practice. Some of examples to these are sending emails using Amazon SES or accessing a DynamoDB table.

However, to access an RDS database in your Lambda function you have to run your function in the same VPC or in a VPC that has a peering connection to the VPC of your RDS instance. In this blog post I would like to discuss about running AWS Lambda functions in a VPC and accessing a RDS MySQL database. ... read more

AWS CloudFormation Step by Step: Beginner to Intermediate

Would you like to start learning AWS CloudFormation? Check out my course on Udemy!

  • ✔️ Start as a beginner and learn how to create stacks and write your own templates with YAML.
  • ✔️ Learn CloudFormation basics in detail with AWS best practices.
  • ✔️ Achieve an intermediate level where you use CloudFormation daily to automate the creation of your AWS resources.

Click the link below to buy this course for only $12.99 for a limited time. Alternatively, you can use JUNE2020 coupon code during the checkout.

Join now on Udemy!

* The price on Udemy may change slightly depending on your country and your local currency.


Subscribe to this blog's RSS feed