AWS Bites is the weekly show where we answer questions about AWS in about five minutes. This show is brought to you be Eoin Shanaghy and Luciano Mammino, certified AWS experts.
Cost is always top of mind when building in the cloud, and recently AWS has introduced some changes worth paying attention to. In this episode of AWS Bites, we explore a shift that caught many by surprise: the “free” INIT phase for Lambda's managed runtimes is going away. That cold start time that used to fly under the billing radar? It's now part of the cost. We dig into what this means for your workloads, who might feel the impact, and whether this gives languages like Rust and Go an extra edge. But it's not all bad news. AWS has also rolled out new pricing tiers for CloudWatch Logs, making it cheaper for high-volume accounts. On top of that, there are new options to send logs directly to S3 or Firehose, helping simplify pipelines and reduce costs. We close with a few tips to help you keep your Lambda and logging spend under control. If you're building on AWS and care about efficiency, this is one you won't want to miss.Big shoutout to fourTheorem for powering yet another episode of AWS Bites. At fourTheorem, we believe the cloud should be simple, scalable, and cost-effective, and we help teams do just that. Whether you're diving into containers, stepping into event-driven architecture, or scaling a global SaaS platform on AWS, or trying to keep cloud spend under control our team has your back. Visit https://fourTheorem.com to see how we can help you build faster, better, and with more confidence using AWS cloud!In this episode, we mentioned the following resources:AWS Blog – Tiered Pricing for AWS Lambda: https://aws.amazon.com/blogs/compute/introducing-tiered-pricing-for-aws-lambda/Luc van Donkersgoed – When is the Lambda INIT phase free and when is it billed?: https://lucvandonkersgoed.com/2022/04/09/when-is-the-lambda-init-phase-free-and-when-is-it-billed/AWS Bites – Explaining Lambda Runtimes (Episode 104): https://awsbites.com/104-explaining-lambda-runtimes/AWS Blog – Standardized Billing for Lambda INIT Phase: https://aws.amazon.com/blogs/compute/aws-lambda-standardizes-billing-for-init-phase/Lambda Cold Start Benchmarks by Maxim David: https://maxday.github.io/lambda-perf/Duckbill Group Blog – Lambda Logs Just Got Cheaper: https://www.duckbillgroup.com/blog/lambda-logs-just-got-cheaper/AWS Bites – Becoming a Logs Ninja with CloudWatch (Episode 35): https://awsbites.com/35-how-can-you-become-a-logs-ninja-with-cloudwatchDo you have any AWS questions you would like us to address?Leave a comment here or connect with us on X/Twitter, BlueSky or LinkedIn:- https://twitter.com/eoins | https://bsky.app/profile/eoin.sh | https://www.linkedin.com/in/eoins/- https://twitter.com/loige | https://bsky.app/profile/loige.co | https://www.linkedin.com/in/lucianomammino/
Picture this. You've got a web app built with Rust and Solid.js. It started life running on a dusty on-prem server, but now it's time to move it to the cloud. The clock is ticking. You could take the well-worn AWS path: set up a VPC, configure subnets, attach an ALB, define IAM roles, and deploy with Fargate. Or you could try something different. In this episode of AWS Bites, we share the real story of migrating a monolithic containerized app to AWS App Runner. It promises to take your code, build it, deploy it, and scale it with minimal effort. But does it really deliver? We compare App Runner with Fargate based on hands-on experience. You'll learn where App Runner shines, where it gets in the way, and how we handled everything from custom domains to background job processing. You'll also hear when we would still choose Fargate, and why. If you've ever hoped for a Heroku-like experience on AWS, or you want to simplify your container deployments without giving up too much control, this episode is for you.AWS Bites is brought to you in association with fourTheorem. At fourTheorem, we believe serverless should be simple, scalable, and cost-effective — and we help teams do just that. Whether you're diving into containers, stepping into event-driven architecture, or scaling a global SaaS platform on AWS, our team has your back. Visit https://fourTheorem.com to see how we can help you build faster, better, and with more confidence using AWS cloud!
We discuss common use cases and challenges for copying data between S3 buckets and S3-compatible object storage services. We share our experience building an open source Node.js CLI tool called S3-Migrate to efficiently migrate data with separate source and destination credentials. We cover performance considerations like streaming, chunk sizes, concurrency and parallelism.AWS Bites is brought to you in association with fourTheorem. If you need a friendly partner to support you and work with you to de-risk any AWS migration or development project, check them out at fourtheorem.comIn this episode, we mentioned the following resources:s3-migrate CLI tool: https://github.com/lmammino/s3-migrateDigitalOcean Spaces Object Storage: https://docs.digitalocean.com/products/spaces/Cloudflare R2: https://www.cloudflare.com/en-gb/developer-platform/products/r2/Backblaze B2: https://www.backblaze.com/cloud-storageWasabi Cloud Storage: https://wasabi.com/Linode / Akamai Object Storage: https://www.linode.com/products/object-storage/MinIO (Self-hosted S3-compatible storage): https://min.io/Basecamp / Hey's move away from S3: https://world.hey.com/dhh/it-s-five-grand-a-day-to-miss-our-s3-exit-b8293563AWS re:Post - How to move objects between S3 buckets: https://repost.aws/knowledge-center/move-objects-s3-bucketAWS Labs - Utility for S3 Migration: https://github.com/awslabs/utility-for-s3-migrations3s3mirror (Java-based tool): https://github.com/cobbzilla/s3s3mirrorrclone S3 Support: https://rclone.org/s3/knox-copy (Ruby-based, deprecated): https://github.com/goodeggs/knox-copyFlexify.io (paid cloud migration service): https://flexify.io/Do you have any AWS questions you would like us to address?Leave a comment here or connect with us on X/Twitter, BlueSky or LinkedIn:- https://twitter.com/eoins | https://bsky.app/profile/eoin.sh | https://www.linkedin.com/in/eoins/- https://twitter.com/loige | https://bsky.app/profile/loige.co | https://www.linkedin.com/in/lucianomammino/
In this episode, we provide an overview of AWS Step Functions and dive deep into the powerful new JSONata and variables features. We explain how JSONata allows complex JSON transformations without custom Lambda functions, enabling more serverless workflows. The variables feature also helps avoid the previous 256KB state size limit. We share examples from real projects showing how these features simplify workflows, reduce costs and enable new use cases.AWS Bites is brought to you in association with fourTheorem. If you need a friendly partner to support you and work with you to de-risk any AWS migration or development project, check them out at fourtheorem.comIn this episode, we mentioned the following resources:JSONata and variables official launch post: https://aws.amazon.com/blogs/compute/simplifying-developer-experience-with-variables-and-jsonata-in-aws-step-functions/JSONata exerciser: https://try.jsonata.org/Stedi JSONata playground: https://www.stedi.com/jsonata/playgroundEpisode 103: Building GenAI Features with Bedrock https://awsbites.com/103-building-genai-features-with-bedrock/Episode 63: How to automate transcripts with Amazon Transcribe and OpenAI Whisper https://awsbites.com/63-how-to-automate-transcripts-with-amazon-transcribe-and-openai-whisper/ Do you have any AWS questions you would like us to address?Leave a comment here or connect with us on X/Twitter, BlueSky or LinkedIn:- https://twitter.com/eoins | https://bsky.app/profile/eoin.sh | https://www.linkedin.com/in/eoins/- https://twitter.com/loige | https://bsky.app/profile/loige.co | https://www.linkedin.com/in/lucianomammino/
In this episode, we explore DuckDB, an open-source analytical database known for its speed and simplicity. Discover how DuckDB stands out in various applications and compare it to other tools like SQLite, Athena, Pandas, and Polars. We also demonstrate integrating DuckDB with AWS Lambda and Step Functions for serverless analytics.AWS Bites is brought to you by fourTheorem. If you are looking for a partner to architect, develop and modernise on AWS, give fourTheorem a call. Check out fourtheorem.comIn this episode, we mentioned the following resources: Our `duck-query-lambda`, A Lambda runtime for DuckDB queries: https://github.com/fourTheorem/duck-query-lambda DuckDB's official website: https://duckdb.org/ LibSQL: https://github.com/tursodatabase/libsql Do you have any AWS questions you would like us to address?Leave a comment here or connect with us on X/Twitter, BlueSky or LinkedIn:- https://twitter.com/eoins | https://bsky.app/profile/eoin.sh | https://www.linkedin.com/in/eoins/- https://twitter.com/loige | https://bsky.app/profile/loige.co | https://www.linkedin.com/in/lucianomammino/
In this episode, we discuss using AWS Lambda Powertools for Python to build serverless REST APIs with AWS Lambda. We cover the benefits of using Powertools for routing, validation, OpenAPI support, and more. Powertools provides an excellent framework for building APIs while maintaining Lambda best practices.In this episode, we mentioned the following resources: AWS Bites 41. How can Middy make writing Lambda functions easier? - https://awsbites.com/41-how-can-middy-make-writing-lambda-functions-easier AWS Bites 120. Lambda Best Practices - https://awsbites.com/120-lambda-best-practices/ REST API - Powertools for AWS Lambda (Python) - https://docs.powertools.aws.dev/lambda/python/latest/core/event_handler/api_gateway/ Hono - https://hono.dev/ Fastify - https://fastify.dev/ Axum - https://github.com/tokio-rs/axum FastAPI - https://fastapi.tiangolo.com/Do you have any AWS questions you would like us to address?Leave a comment here or connect with us on BlueSky or LinkedIn: https://bsky.app/profile/eoin.sh | https://www.linkedin.com/in/eoins/ https://bsky.app/profile/loige.co | https://www.linkedin.com/in/lucianomammino/
Ready to take your tech career to the cloud and build those awe-inspiring systems you see? Then you're in the right place. This episode of AWS Bites is your blueprint for becoming a successful cloud architect. We're not just going to talk about it; we'll show you what worked for us, sharing the critical skills you need, and a practical path to build your expertise. Whether you're a beginner or looking to take the next step, join us as we equip you with the knowledge and tools to make your mark as a cloud architect! In this episode, we mentioned the following resources: Google Cloud Architecture Definition: https://cloud.google.com/learn/what-is-cloud-architecture Market data about the Cloud Professional Services market: https://www.gminsights.com/industry-analysis/cloud-professional-services-market EP 91 - Our Journeys into Software and AWS: https://awsbites.com/91-our-journeys-into-software-and-aws/ AWS Well-Architected Framework: https://aws.amazon.com/architecture/well-architected/ EP 68 - Are you well architected?: https://awsbites.com/68-are-you-well-architected/ Cloud Design Patterns: https://learn.microsoft.com/en-us/azure/architecture/patterns/ The art of scalability (book): https://www.amazon.com/Art-Scalability-Architecture-Organizations-Enterprise/dp/0134032802 Enterprise integration patterns (book): https://www.amazon.com/Enterprise-Integration-Patterns-Designing-Deploying/dp/0321200683/ Designing Data-Intensive Applications (book): https://www.amazon.com/Designing-Data-Intensive-Applications-Reliable-Maintainable/dp/1449373321 AWS Networking Essentials (free guide): https://aws.amazon.com/getting-started/aws-networking-essentials/ Docker Curriculum (free): https://docker-curriculum.com/ How Linux works (book): https://www.amazon.com/How-Linux-Works-Brian-Ward/dp/1718500408/ Exercism coding challenges: https://exercism.org/ The tangled web (book): https://www.amazon.co.uk/Tangled-Web-Securing-Modern-Applications/dp/1593273886 Low Level YouTube Channel: https://www.youtube.com/lowlevellearning AWS - Best Practices for Security, Identity, & Compliance: https://aws.amazon.com/architecture/security-identity-compliance/ Supercommunicators (book): https://www.amazon.com/Supercommunicators-Unlock-Secret-Language-Connection/dp/0593862066/ An Elegant Puzzle (book): https://www.amazon.com/Elegant-Puzzle-Systems-Engineering-Management/dp/1732265186/ Staff Engineer (book): https://www.amazon.com/Staff-Engineer-Leadership-beyond-management/dp/1736417916/ EP 58 - What can kitties teach us about AWS: https://awsbites.com/58-what-can-kitties-teach-us-about-aws/ AWS User Groups: https://aws.amazon.com/developer/community/usergroups/ Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X/Twitter: - https://twitter.com/eoins - https://twitter.com/loige
In this episode, David Lynam provides an overview of AWS Transit Gateway, which aims to simplify complex network connectivity between VPCs, VPNs, and on-premises networks. We discuss the limitations of using VPC peering and the benefits Transit Gateway provides through its hub-and-spoke model. The main components of Transit Gateway are explained, including attachments, route tables, associations, and route propagation. We go through some example use cases like sharing Transit Gateways across accounts, network isolation for compliance, routing traffic through security services, and bandwidth/scaling capabilities. In this episode, we mentioned the following resources: - How Amazon VPC Transit Gateways work Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X/Twitter: - https://twitter.com/eoins - https://twitter.com/loige
In this pre-re:Invent 2024 episode, Luciano and Eoin discuss some of their favorite recent AWS announcements, including improvements to AWS Step Functions, Lambda runtime updates, DynamoDB price reductions, ALB header injection, Cognito enhancements, VPC public access blocking, and more. They share their thoughts on the implications of these new capabilities and look forward to seeing what else is announced at the conference. Overall, it's an exciting time for AWS developers with many new features to explore. Very important: no focus on GenAI in this episode :) AWS Bites is brought to you, as always, by fourTheorem! Sometimes, AWS is overwhelming and you might need someone to provide clear guidance in the fog of cloud offerings. That someone is fourTheorem. Check them out at fourtheorem.com In this episode, we mentioned the following resources: The repo containing the code of the AWS Bites website: https://github.com/awsbites/aws-bites-site Orama Search: https://orama.com/ JSONata in AWS Step Functions: https://aws.amazon.com/blogs/compute/simplifying-developer-experience-with-variables-and-jsonata-in-aws-step-functions/ EC2 Auto Scaling improvements: https://aws.amazon.com/about-aws/whats-new/2024/11/amazon-ec2-auto-scaling-highly-responsive-scaling-policies/ Node.js 22 is available for Lambda: https://aws.amazon.com/blogs/compute/node-js-22-runtime-now-available-in-aws-lambda/ Python 3.13 runtime: https://aws.amazon.com/blogs/compute/python-3-13-runtime-now-available-in-aws-lambda/ Aurora Serverless V2 now scales to 0: https://aws.amazon.com/about-aws/whats-new/2024/11/amazon-aurora-serverless-v2-scaling-zero-capacity/ Episode 95 covering Mountpoint for S3: https://awsbites.com/95-mounting-s3-as-a-filesystem/ One Zone caching for Mountpoint for S3: https://aws.amazon.com/about-aws/whats-new/2024/11/mountpoint-amazon-s3-high-performance-shared-cache/ Appending to S3 objects: https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-objects-append.html 1 million S3 Buckets per account: https://aws.amazon.com/about-aws/whats-new/2024/11/amazon-s3-up-1-million-buckets-per-aws-account/ DynamoDB cost reduction: https://aws.amazon.com/blogs/database/new-amazon-dynamodb-lowers-pricing-for-on-demand-throughput-and-global-tables/ ALB Headers: https://aws.amazon.com/about-aws/whats-new/2024/11/aws-application-load-balancer-header-modification-enhanced-traffic-control-security/ Cognito Managed Login: https://aws.amazon.com/blogs/aws/improve-your-app-authentication-workflow-with-new-amazon-cognito-features/ Cognito Passwordless Authentication: https://aws.amazon.com/blogs/aws/improve-your-app-authentication-workflow-with-new-amazon-cognito-features/ VPC Block Public Access: https://aws.amazon.com/blogs/networking-and-content-delivery/vpc-block-public-access/ Episode 88 where we talk about VPC Lattice: https://awsbites.com/88-what-is-vpc-lattice/ Direct integration between Lattice and ECS: https://aws.amazon.com/blogs/aws/streamline-container-application-networking-with-native-amazon-ecs-support-in-amazon-vpc-lattice/ Resource Control Policies: https://aws.amazon.com/blogs/aws/introducing-resource-control-policies-rcps-a-new-authorization-policy/ Episode 23 about EventBridge: https://awsbites.com/23-what-s-the-big-deal-with-eventbridge/ EventBridge latency improvements: https://aws.amazon.com/about-aws/whats-new/2024/11/amazon-eventbridge-improvement-latency-event-buses/ AppSync web sockets: https://aws.amazon.com/blogs/mobile/announcing-aws-appsync-events-serverless-websocket-apis/ Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X/Twitter: - https://twitter.com/eoins - https://twitter.com/loige
In this episode, we discuss the pros and cons of using serverless architecture in enterprise companies. We cover topics like cost, complexity, security, ability to evolve architecture, and more. Overall, we find that serverless can provide benefits like reduced operational costs, improved developer productivity, and increased focus on core business logic for larger companies. AWS Bites is sponsored by fourTheorem, an Advanced AWS partner that works collaboratively with you and sets you up for long-term success on AWS. Find out more at fourtheorem.com In this episode, we mentioned the following resources: - Yan Cui - “Even simple serverless applications have complex architecture diagrams”, so what? - Dark Matter Developers: The Unseen 99% - Deloitte - Determining the Total Cost of Ownership of Serverless Technologies when compared to Traditional Cloud (PDF) - Generating Value Through IT Agility and Business Scalability with AWS Serverless Platform (Gated Link) Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X/Twitter: - https://twitter.com/eoins - https://twitter.com/loige
In this episode, we discuss why IAM users and long-lived credentials are dangerous and should be avoided. We share war stories of compromised credentials and overprivileged access. We then explore solutions like centralizing IAM users, using tools like AWS Vault for temporary credentials, integrating with AWS SSO, and fully eliminating IAM users when possible.
In this special episode of AWS Bites, Eoin is joined by Fiona McKenna, co-founder and CFO of fourTheorem, to discuss startup advice, hiring and growing teams, creating an environment for success, and managing cloud costs. They cover important themes around people, culture, leadership, and finance from Fiona's extensive experience in the tech industry.
In this episode, we provided an overview of GitHub Action Runners and discussed the benefits of using self-hosted runners on AWS. We covered options including EC2 and CodeBuild for running GitHub Actions, compared pricing across solutions, and shared our hands-on experience setting things up. Overall, using AWS services can provide more control, lower latency, and cost optimization compared to GitHub hosted runners.
In this episode, we discuss the concept of CloudFormation drift, what causes it, how to detect it, and strategies for resolving it. We explain that drift happens when the actual state of resources diverges from what is defined in the CloudFormation templates. Common causes include manual changes, third party tools, mixing IaC solutions, and automation. We then cover built-in drift detection in CloudFormation and integrating it with alarms. Finally, we suggest approaches for reconciling drift like change sets, deletion protection, and bringing up parallel stacks.
In this episode, we had the pleasure to interview Farrah Campbell, head of modern compute community at AWS, prolific speaker, and former AWS Hero. We discussed Farrah's career journey from healthcare into tech, tips on public speaking, dealing with imposter syndrome, the pace of innovation in the cloud, and predictions for the future. Farrah shared personal stories and advice for getting started in tech and being an active member of the community. It was inspiring to hear from someone so passionate about helping others learn and grow.
In this episode, we discuss AWS Lambda provisioned concurrency. We start with a recap of Lambda cold starts and the different concurrency control options. We then explain how provisioned concurrency works to initialize execution environments in advance to avoid cold starts. We cover how to enable it, pricing details, common issues like over/under-provisioning, and alternatives like self-warming functions or using other services like ECS and Fargate.
In this episode, we discuss Luciano's new book project on using Rust to write AWS Lambda functions. We start with a recap on why Rust is a good fit for Lambda, including performance, efficiency, safety, and low cold start times. Luciano provides details on the book's progress so far, the intended audience, and the current published chapters covering Lambda internals, getting started with Rust Lambda, and building a URL shortener app with DynamoDB. We also explore the differences between traditional publishing and self-publishing, and why Luciano chose the self-publishing route for this book. Luciano shares insights into the writing process with AsciiDoc, code samples, SVG image generation, and using Gumroad for distribution. He invites feedback from listeners who have experience with Rust and Lambda.
An overview of load balancers, explaining how they distribute traffic across multiple servers and provide high availability. We discuss layer 4 and layer 7 load balancers, detailing their pros and cons. We then focus on AWS load balancers, covering network load balancers and application load balancers in depth, including their features, use cases, and pricing models. We conclude by mentioning some alternatives to AWS load balancers.
This episode discusses solutions for securely accessing private VPC resources for debugging and troubleshooting. We cover traditional approaches like bastion hosts and VPNs and newer solutions using containers and AWS services like Fargate, ECS, and SSM. We explain how to set up a Fargate task with a container image with the necessary tools, enable ECS integration with SSM, and use SSM to start remote shells and port forwarding tunnels into the container. This provides on-demand access without exposing resources on the public internet. We share a Python script to simplify the process. We suggest ideas for improvements like auto-scaling the container down when idle. Overall, this lightweight containerized approach can provide easy access for debugging compared to managing EC2 instances.
In this episode, we discuss the newly announced CloudFront Hosting Toolkit from AWS. We provide an overview of the tool, which aims to simplify deploying modern front-end applications to AWS while retaining infrastructure control. We discuss the current capabilities and limitations and share our hands-on experiences trying out the tool. We also talk about alternatives like Vercel and Amplify, and the tradeoffs between convenience VS control. Overall, the toolkit shows promise but is still early-stage. We are excited to see it evolve to support more frameworks and use cases.
In this episode, we discuss some tips and tricks for optimizing performance when working with Amazon S3 at scale. We start by giving an overview of how S3 works, highlighting the distributed nature of the service and how data is stored redundantly across multiple availability zones for durability. We then dive into specific tips like using multipart uploads and downloads, spreading the load across key namespaces, enabling transfer acceleration, and using S3 byte-range fetches. Overall, we aim to provide developers building S3-intensive applications with practical guidance to squeeze the most performance out of the service.
In this episode, we provide a comprehensive overview of DynamoDB, including how it compares to relational databases, when to use it, how to get started, writing and querying data, secondary indexes, and single table design. We share our experiences using DynamoDB and discuss the pros and cons compared to traditional SQL databases.
In this episode, we provide an overview of Amazon Aurora, a relational database solution on AWS. We discuss its unique capabilities like distinct storage architecture for better performance and faster recovery. We cover concepts like Aurora clusters, reader and writer instances, endpoints, and global databases. We also compare the serverless versions V1 and V2, noting that V2 is more enterprise-ready while V1 scales to zero. We touch on billing and additional features like the data API, RDS query editor, and RDS proxy. Overall, Aurora is powerful and scalable but not trivial to use at global scale. It's best for serious enterprise use cases or variable traffic workloads.
In this episode, we discuss 5 different ways to extend CloudFormation capabilities beyond what it natively supports. We started with a quick recap of what CloudFormation is and why we might need to extend it. We then covered using custom scripts and templating engines, which can be effective but require extra maintenance. We recommended relying instead on tools like Serverless Framework, SAM, and CDK which generate CloudFormation templates but provide abstractions and syntax improvements. When you need custom resources, CloudFormation macros allow pre-processing templates, while custom resources and the CloudFormation registry allow defining new resource types. We summarized recommendations for when to use each approach based on our experience. Overall, we covered multiple options for extending CloudFormation to support more complex infrastructure needs.
In this episode, we discuss best practices for working with AWS Lambda. We cover how Lambda functions work under the hood, including cold starts and warm starts. We then explore different invocation types - synchronous, asynchronous, and event-based. For each, we share tips on performance, cost optimization, and monitoring. Other topics include function structure, logging, instrumentation, and security. Throughout the episode, we aim to provide a solid mental model for serverless development and share our experiences to help you build efficient and robust Lambda applications.
In this episode, we provide commentary and analysis on the 2024 AWS Community Survey results. We go through the key findings for each area including infrastructure as code, CI/CD, serverless, containers, NoSQL databases, event services, and AI/ML. While recognizing potential biases, we aim to extract insights from the data and share our perspectives based on experience. Overall, we see increased adoption across many services, though some pain points remain around developer experience. We hope this format provides value to listeners interested in cloud technology trends.
In this episode, we provide an introductory overview of AWS's best practices for managing infrastructure using multiple accounts under an organization. We discuss the advantages of this approach and how to get started creating your own multi-account environment, or "landing zone".
In this episode, we provide an overview of Amazon EBS, which stands for Elastic Block Storage. We explain what block storage is and how EBS provides highly available and high-performance storage volumes that can be attached to EC2 instances. We discuss the various EBS volume types, including GP3, GP2, provisioned IOPS, and HDD volumes, and explain how they differ in performance characteristics like IOPS and throughput. We go over important concepts like IOPS, throughput, and volume types so listeners can make informed decisions when provisioning EBS. We also cover EBS features like snapshots, encryption, direct API access, and ECS integration. Overall, this is a comprehensive guide to understanding EBS and choosing the right options based on your workload needs.
In this episode, we discuss AWS Resource Access Manager (RAM) and how it can be used to securely share AWS resources like VPC subnets, databases, and SSM parameters across accounts. We explain the benefits of using RAM over other options like resource policies and assumed roles. Some key topics covered include how to get started with RAM, how it works from the resource owner and resource participant side, and common use cases like sharing VPC subnets, Aurora databases, and SSM parameters.
In this episode, we discuss Permission Boundary policies in AWS IAM. A permissions boundary is an advanced feature in which you set the maximum permissions that an identity-based policy can grant to an IAM entity. When you set a permissions boundary for an entity, the entity can perform only the actions allowed by its identity-based policies and its permissions boundaries. In this episode, we discuss this concept a bit more in detail and we show how it can be used to give freedom to development teams while preventing privilege escalation. We also cover some of the disadvantages that come with using permission boundaries and other things to be aware of. Finally, we will give some practical advice on how to get the best out of Permissions Boundary Policy and get the best out of them.
In this episode, we discuss the new experimental AWS Lambda LLRT Low Latency runtime for JavaScript. We provide an overview of what a Lambda runtime is and how LLRT aims to optimize cold starts and performance compared to existing runtimes like Node.js. We outline the benefits of LLRT but also highlight concerns around its experimental status, lack of parity with Node.js, and reliance on dependencies like QuickJS. Overall, LLRT shows promise but needs more stability, support, and real-world testing before it can be recommended for production use. In the end, we also have an appeal for AWS itself when it comes to investing in the larger JavaScript ecosystem.
In this episode, we discuss what to do if you accidentally leak your AWS credentials during a live stream. We explain the difference between temporary credentials and long-lived credentials, and how to revoke each type. For temporary credentials, we recommend using the AWS console to revoke sessions or creating an IAM policy to deny access. For long-lived credentials, you must deactivate and rotate the credentials. We also touch on using tools like HashiCorp Vault to manage credentials securely.
In this episode, we provide a friendly introduction to Service Control Policies (SCPs) in AWS Organizations. We explain what SCPs are, how they work, common use cases, and tips for troubleshooting access-denied errors related to SCPs. We cover how SCPs differ from identity-based and resource-based policies, and how SCPs can be used to set boundaries on maximum permissions in AWS accounts across an organization.
In this episode, we discuss how we work as a cloud consulting company, including our principles, engagement process, sprint methodology, and focus on agile development to deliver successful projects. We aim to be trusted partners, not just vendors, and enable our customers' business goals. By the end of this episode, you will know what working with a cloud consulting company like fourTheorem could look like and you might learn some strategies to make cloud projects a success! We will also digress a little into the history of software practices, common misconceptions, and what we believe should be the right way to build software.
In this episode, we discuss using AWS Lambda for machine learning inference. We cover the tradeoffs between GPUs and CPUs for ML, tools like ggml and llama.cpp for running models on CPUs, and share examples where we've experimented with Lambda for ML like podcast transcription, medical imaging, and natural language processing. While Lambda ML is still quite experimental, it can be a viable option for certain use cases.
This episode of the AWS Bites Podcast provides an overview of the AWS Project Development Kit (PDK), an open-source tool to help bootstrap and maintain cloud projects. We discuss what PDK is, how it can help generate boilerplate code and infrastructure, keep configuration consistent across projects, and some pros and cons of using a tool like this versus doing it manually. Is PDK something you should use for your cloud projects? Let's find out!
In this episode, we discuss how you can use Python for data science workloads on AWS Lambda. We cover the pros and cons of using Lambda for these workloads compared to other AWS services. We benchmark cold start times and performance for different Lambda deployment options like zip packages, layers, and container images. The results show container images can provide faster cold starts than zip packages once the caches are warmed up. We summarize the optimizations AWS has made to enable performant container image deployments. Overall, Lambda can be a good fit for certain data science workloads, especially those that are bursty and need high concurrency.
In this episode, we share expert opinions from AWS community leaders on their favorite announcements from re:Invent 2023, advice for those starting their cloud journey, predictions for the future of serverless, whether to go multi-cloud or not, and how AI will impact developers. Our guests provide insightful perspectives on getting hands-on experience, leveraging the AWS community, thinking through architectural decisions, and more. AWS Bites is brought to you by fourTheorem, an Advanced AWS Partner. If you are moving to AWS or need a partner to help you go faster, check us out at fourtheorem.com ! In this episode, we mentioned the following resources. Alex Kearns on Linkedin: https://www.linkedin.com/in/alexjameskearns/ AWS Console-to-Code (Preview) to generate code for console actions: https://aws.amazon.com/about-aws/whats-new/2023/11/aws-console-to-code-preview-generate-console-actions/ Emily Shea on Linkedin: https://www.linkedin.com/in/emshea/ Emily's talk: Getting started building serverless event-driven applications (SVS205): https://www.youtube.com/watch?v=1aTQI-Kqs2U Ran Isenberg on Linkedin: https://www.linkedin.com/in/ranisenberg/ Ran's blog: https://www.ranthebuilder.cloud/ Maxime David on Linkedin: https://www.linkedin.com/in/maxday/ Danielle Heberling on Linkedin: https://www.linkedin.com/in/deeheber/ Jones Zachariah Noel N on Linkedin: https://www.linkedin.com/in/jones-zachariah-noel-n/ Sam Williams on Linkedin: https://www.linkedin.com/in/sam-complete-coding/ AJ Stuyvenberg on Linkedin: https://www.linkedin.com/in/aaron-stuyvenberg/ Faizal Khan on Linkedin: https://www.linkedin.com/in/faizal-khan/ Heitor Lessa on Linkedin: https://www.linkedin.com/in/heitorlessa/ Chris Williams on Linkedin: https://www.linkedin.com/in/chrisfwilliams/ Praneeta Prakash on Linkedin: https://www.linkedin.com/in/praneetaprakash/ Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - https://twitter.com/eoins - https://twitter.com/loige #aws #reinvent2023 #reinvent #networkingevents
Luciano and Eoin chat about Luciano's experience attending AWS re:Invent 2023 in Las Vegas for the first time. They talk about the massive scale of the event, logistical challenges getting around between venues, highlights from the keynotes and announcements, and tips for networking and getting the most out of re:Invent. Luciano shares his perspective on the AI focus, meeting people in real life after connecting online, rookie mistakes to avoid, and why re:Invent is worth the investment for anyone working in the AWS space. AWS Bites is brought to you by fourTheorem, an Advanced AWS Partner. If you are moving to AWS or need a partner to help you go faster, check us out at fourtheorem.com ! In this episode, we mentioned the following resources. - Amazon Q: https://aws.amazon.com/blogs/aws/introducing-amazon-q-a-new-generative-ai-powered-assistant-preview/ - Efi Merdler-Kravitz's talk on "Rustifying serverless" with AWS Lambda (YouTube): https://www.youtube.com/watch?v=Mdh_2PXe9i8 - ElastiCache Serverless for Redis and Memcached: https://aws.amazon.com/blogs/aws/amazon-elasticache-serverless-for-redis-and-memcached-now-generally-available/ - Throughput increase and dead letter queue redrive for SQS FIFO: https://aws.amazon.com/blogs/aws/announcing-throughput-increase-and-dead-letter-queue-redrive-support-for-amazon-sqs-fifo-queues/ - Step Functions Workflow Studio in AWS Application Composer: https://aws.amazon.com/blogs/aws/aws-step-functions-workflow-studio-is-now-available-in-aws-application-composer/ - Lambda scales 12x faster: https://aws.amazon.com/blogs/aws/aws-lambda-functions-now-scale-12-times-faster-when-handling-high-volume-requests/ - Step Function redrive from a failed state: https://aws.amazon.com/blogs/compute/introducing-aws-step-functions-redrive-a-new-way-to-restart-workflows/ Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - https://twitter.com/eoins - https://twitter.com/loige #aws #reinvent2023 #reinvent #networkingevents
In this episode, we discuss integration testing event-driven systems and explore AWS's new Integration Application Test Kit (IATK). We cover the challenges of testing events and common approaches like logging, end-to-end testing, and using temporary queues. We then introduce IATK, walk through how to use it for EventBridge testing, and share our experience trying out the X-Ray trace validation. We found IATK promising but still rough around the edges, though overall a useful addition to help test complex event flows.
In this episode, we celebrate AWS Lambda's 9th birthday by taking a deep dive into Lambda runtimes. We discuss how Lambda works, compare official runtimes vs. custom runtimes, and explain when and why building a custom runtime might be worth the effort. We talk through how custom runtimes work, options for deploying them, and potential use cases where they could be beneficial over standard runtimes.
In this episode, we discuss how we automated generating YouTube descriptions, chapters and tags for our podcast using Amazon's new GenAI tool: Bedrock. We provide an overview of Bedrock's features and how we built an integration to summarize podcast transcripts and extract relevant metadata using the Anthropic Claude model. We share the prompt engineering required to instruct the AI, and details on our serverless architecture using Step Functions, Lambda, and EventBridge. We also discussed Bedrock pricing models and how we built a real-time cost-monitoring dashboard. Overall, this automation saves us substantial manual effort while keeping costs low. We hope this episode inspires others to explore building their AI workflows with Bedrock.
In this episode, we have the pleasure of speaking with Jeremy Daly, CEO of Ampt and a leader in the AWS and serverless community. We discuss Jeremy's journey into AWS and serverless, the prolific open source work and content he creates, the evolution of serverless over the years, common myths about serverless, and, finally, the story behind building Ampt to improve the developer experience. Jeremy provides his perspective on the state of serverless and predictions for the future and it also gives some fantastic pieces of advice for wannabe tech-entrepreneurs!
Today we embark on a fascinating journey into the world of AWS Lambda functions and how to make them accessible to the public. In a recent use case, involving the creation of a public Lambda function for AWS users, we asked ourselves some interesting questions. How can you securely, cost-effectively, and conveniently publish AWS resources, especially Lambda functions, for others to use? And... can we possibly make some money out of this? Join us as we explore various options and share our findings for making your AWS resources available to the world. We dive into the Serverless Application Repository (SAR), an AWS treasure trove for publishing resources. And SAR isn't the only way! We also discuss alternatives like CloudFormation templates, GitHub publishing, Terraform modules, and container images. We explore the pros and cons of these methods and debate the implications in terms of cost, security, and ease of use. Finally, we touch on the AWS Marketplace as a platform to monetize your AWS resources.
Greetings, my fellow innovators, and welcome to this illuminating episode of AWS Bites! In this edition, we embark on a journey into the realms of Ampt, a groundbreaking solution that simplifies the intricate landscape of AWS application development, allowing you to direct your focus toward the very essence of your applications, unhindered by the burdens of infrastructure management. As your guides through this remarkable odyssey, hosts Luciano and Eoin delve into the ingenious facets of Ampt. We unveil its "code over infrastructure" paradigm, which resonates with the principles of efficiency and simplicity. Furthermore, we explore Ampt's intelligent compute options, designed to adapt to the dynamic needs of your applications, and its streamlined deployment process, which paves the way for a more seamless journey into the world of cloud development. Join us on this voyage as we unravel how Ampt simplifies the intricate art of crafting full-stack applications. Notably, it offers individual sandboxes for each developer, eliminating the cacophony of distractions caused by noisy neighbors. Together, we will also uncover the straightforward path to beginning your journey with Ampt, highlighting its exciting features that promise to reshape the landscape of cloud development. This episode is a testament to innovation and the pursuit of progress. So, heed the call and stay at the forefront of AWS development by immersing yourself in this episode today!
In this thrilling episode of AWS Bites Podcast, we delve into the murky world of cloud computing and discuss the most haunting fears that deter businesses from adopting Amazon Web Services (AWS). In this gritty discussion reminiscent of a noir novel, they reveal the sinister concerns of cost, complexity, security, and vendor lock-in that keep organizations in the dark. If you're in the cloud consulting business or facing internal resistance to moving your projects to AWS, this episode is your secret weapon. We shed light on how to reassure your clients and your boss that AWS can bring value. We also provide valuable tips on how to prepare your organization for a successful migration, as these transitions often require significant changes within the company itself. In this episode, you'll discover: How to tackle the fear of cost and gain control over your spending; Strategies to navigate the labyrinth of AWS complexity and maximize productivity; Techniques to secure your AWS environment and shield against potential breaches; The trade-offs of vendor lock-in and how to mitigate risks; Whether AWS is the right path for your business and when to embrace it.
Today, we will explore the enigmatic world of Amazon Pinpoint. Pinpoint boasts a wide range of capabilities that can prove advantageous for various marketing endeavors. In this intriguing episode, we will shed light on Pinpoint's core features and use cases. Additionally, we will compare it to several other marketing products, including Google Analytics, Marketo, Mailchimp, and more. However, the most startling revelation pertains to the recent changes in Pinpoint's limitations, which have left users deeply concerned. The astonishing reduction from 7,000 events per second to a mere 15 has prompted us to ponder: is AWS attempting to relegate Pinpoint to oblivion? Join us in the eerie tranquility of a snow-covered hotel as we unravel the mysteries surrounding Pinpoint's destiny. Could it be that AWS aims to discontinue Pinpoint altogether? Alternatively, are they endeavoring to revitalize it, akin to a vengeful spirit seeking redemption? Or could there be a nefarious pricing strategy at play? As the ethereal specter of Pinpoint looms large, we implore AWS to provide clarity regarding its intentions. If you are a Pinpoint user or contemplating entering this mysterious realm, tune in and share your thoughts in the comments. Will Pinpoint endure, or is it destined to become a fading memory in the annals of technology?
Rev up your AWS know-how in this high-octane episode of AWS Bites Podcast, where we take you under the hood to fine-tune your AWS applications configuration! Kicking things off, we rev our engines and stress the vital role of slick configuration management in the world of cloud-based applications, leaving those old-school methods in the dust. Buckle up as we steer you through the twists and turns, starting with the straightforward horsepower of environment variables, giving you the lowdown on what fuels them and when to put the brakes on. We then shift gears to introduce AWS Systems Manager Parameter Store as a simple, yet effective solution that can provide you with all the torque you need. Secrets Manager rolls in next, guarding your valuable secrets with KMS encryption and IAM. The track leads to AppConfig, where they fine-tune your configuration game, ensuring smooth deployments and no pit stops for errors. For the daredevils out there, we open the toolbox and show you how to custom-build your own configuration engine, putting you in the driver's seat. Finally, we rev up the engine one last time and hit the gas with our recommendations, offering you a turbocharged approach to AWS configuration, tailored to your application's needs. So, tighten those bolts and get ready for a ride that'll leave your AWS configuration skills purring like a finely-tuned machine!
In this episode of AWS Bites, Luciano and Eoin dive deep into the world of AWS governance, landing zones, and automation tools. AWS emphasizes the importance of good governance for customers of all sizes, whether you're starting from scratch or have been using AWS for years. But with so many tools available, which one should you choose? Join us as we explore the best practices for setting up your AWS accounts correctly and discover tools that can automate the process, including AWS Control Tower and open-source alternatives like OrgFormation and Terraform. Whether you're new to AWS or a seasoned user, there's something valuable for everyone in this episode.
Saddle up for a cloud adventure like no other in this episode of AWS Bites, where Eoin and Luciano explore the untamed world of AWS S3 Mountpoint. Just like a trusty steed on the digital prairie, Mountpoint gallops into action to solve complex use cases, making it a valuable asset for managing massive data, achieving high throughput, and effortlessly fetching information from the AWS S3 wilderness. Dive deep into the inner workings of Mountpoint, a Rust-powered Linux-exclusive application that harnesses the Linux FUSE subsystem to provide optimal S3 performance. While exploring alternatives like s3fs-fuse and goofys, discover the benefits of sticking to native AWS tools for certain scenarios. Uncover Mountpoint's performance prowess, thanks to its integration with AWS Common Runtime libraries, and learn when to hop on this cloud cowboy or opt for a more native approach. Wrapping up, don't forget to check out AWS Storage's blog post for an even deeper dive into Mountpoint's capabilities. Whether you're a seasoned cloud wrangler or a newcomer to the digital rodeo, this video will equip you with the knowledge to navigate the AWS S3 Mountpoint frontier confidently.
Ever wondered how to gain deep insights into the myriad of activities within your AWS organization accounts? In this episode of AWS Bites, we dive into the world of AWS CloudTrail and Athena, showing you how to seamlessly query and analyze CloudTrail logs for valuable information, troubleshooting, security, and compliance.