About 2 months ago, we started preparing for an ISO 27001 audit. During the preparation we identified two major areas where we needed to improve our procedures.
1️⃣ Access management and endpoint security, which is especially challenging when working with freelancers
2️⃣ Vulnerability management for source code and production systems
We learned a lot along the way. What are your experiences from 3rd party audits?
19.3.2025 09:24

We handed over our policies, procedures, and evidence to an auditor for an ISO 27001 certification. And now I have exam nerves.
There is no good reason for my fear, because we are well prepared. 🧵
19.3.2025 09:24

The naming confusion among the AWS services VPC, PrivateLink, and Lattice is priceless. 🙈
25.2.2025 12:42

🤯 Did you know that AWS discontinued the availability zone usw1-az3 for "newer" accounts?
⚠️ So it is no longer true that all regions come with at least three availability zones.
🙈 The argument that you should use AWS to simply roll out infrastructure around the world is also becoming increasingly fragile.
❓By the way, does anyone know the reason why AWS decided to discontinue availability zone usw1-az3?
6.2.2025 07:54

📹 I'm a little out of practice. But there will be new videos soon. Today I made the first studio recording after a long break.
4.2.2025 11:37

🎉 This will most likely be the most important feature announcement from AWS in 2025 ...
... at least it is for Michael and me, as we are releasing new versions for our AMI+CloudFormation products via the AWS Marketplace every week.
🆕 AWS Marketplace expands self-service listing experience for AMI products with CloudFormation templates
(see https://aws.amazon.com/about-aws/whats-new/2025/01/aws-marketplace-self-service-listing-ami-cloudformation-templates/)
For years, we waited for AWS to deliver on their promise to replace the XLSX "interface" with an API.
🙏 Finally!
30.1.2025 08:37

🤯 The design decision that any UTF-8 character can be used in an S3 object key name caused me a lot of headaches.
ℹ️ The documentation says you should only use "safe" characters:
Alphanumeric characters
0-9
a-z
A-Z
Special characters
Exclamation point (!)
Hyphen (-)
Underscore (_)
Period (.)
Asterisk (*)
Single quote (')
Open parenthesis (()
Close parenthesis ())
🙈 Unfortunately, the API does not enforce the use of safe characters but allows any UTF-8 characters.
29.1.2025 10:47

Yesterday @michael and I celebrated our 10th company anniversary. Together we created t-shirts and sweaters with the company logos on them.
👉 I wrote a blog post summarizing our journey over the last 10 years.
https://cloudonaut.io/10th-anniversary-our-story/
⚠️ Stumbling block when migrating from Amazon Linux 2 to Amazon Linux 2023:
/tmp is no longer mounted on the root volume but on tmpfs. As tmpfs stores files in memory, the maximum size of /tmp is determined by the EC2 instance type’s memory capacity.
Either avoid storing large files under /tmp or disable tmpfs for /mnt by using the following commands:
sudo systemctl mask tmp.mount
sudo systemctl stop tmp.mount
#AmazonWebServices #awscommunity
22.1.2025 12:40

Self-hosting GitHub runners looks simple on a high level (see diagram). But the devil is in the details.
💪 Fault tolerance
💪 Scalability
💪 Performance
💪 Cost efficiency
I've been working on improving the architecture and adding features to HyperEnv this week. Will share more details about the new architecture soon!
16.1.2025 10:49

🔥 Hot off the Cloud: How to move a DynamoDB table to another region or account?
1️⃣ Restore table from backup
2️⃣ S3 Export and Import
3️⃣ Copy data with DynamoDB CLI tool
https://cloudonaut.io/dynamodb-move-region-account-backup-restore/
👉 Sharing is caring!
14.1.2025 20:00

So far, I came across the following possibilities to back up and restore a DynamoDB table:
1️⃣ DynamoDB Backup
2️⃣ AWS Backup
3️⃣ S3 Export/Import
4️⃣ DynamoDB API (Scan, PutItem)
@mlafeldt look whom I have discovered as a contributor to dynein. 🙏
10.1.2025 13:02

What's your preferred method to move data between DynamoDB tables? For example, when moving DynamoDB tables to another account. Bonus points for methods that work with IaC tools like Terraform.
#AmazonWebServices #awscommunity #dynamodb
10.1.2025 12:58

❓To all small software companies: are you ISO 27001 certified? If so, which tools and providers would you recommend?
We are investigating our options to achieve an ISO 27001 certification in 2025 for attachmentAV and other products.
20.12.2024 14:24

Compared to the CDK the cfn-modules are very simple to use. It's just a suite of CloudFormation templates that you stick together with nested stacks. npm is used to install and update the modules.
Check it out!
👉 https://github.com/cfn-modules/docs
#awscommunity #cloudformation #AmazonWebServices
🧵(2/2)
19.12.2024 12:36

During the past weeks, I spent some time modernizing a suite of CloudFormation templates called cfn-modules that we used heavily for our consulting gigs.
✅ Migrated CI/CD from CodeBuild to GitHub Actions
✅ Migrated Lambda functions to Node.js 22
✅ Updated Amazon Linux AMIs
✅ Updated RDS Engine Versions
✅ Fixed automated tests
🧵 (1/2)
19.12.2024 12:35

🎉 We are launching a new product today: attachmentAV Virus and Malware Scan API (Self-hosted on AWS)
🛡️ Protect your workloads from viruses and malware
🦠 Integrate virus and malware scanning by calling a REST API
☁️ Deploy the virus and malware scan API to your AWS account
🌎 Access API via an internal (VPC) or public (Internet) endpoint
👉 Now available on the AWS Marketplace.
Spread the news!
#AmazonWebServices #cloudsecurity
13.12.2024 07:02

Here are my observations so far:
👍 Getting started with ollama and Continue is straightforward.
👍 Rewriting small parts of code works quite well.
👍 Letting the AI explain parts of the code is useful from time to time.
👎 The code completion does not work very well. It comes up with totally wrong suggestions often.
👎 For both code completion and generation the response times are quite high.
❓Are you using local LLMs for programming? Or are you fine with LLMs running in the cloud?
🧵 (2/2)
11.12.2024 14:43

🧠 I'm experimenting with local LLMs for programming. My setup consists of three building blocks:
1️⃣ ollama to download and run LLMs.
2️⃣ Continue for code completion, code generation, and discussion integrated into VS Code.
3️⃣ MacBook Pro with M4 Pro
🧵 (1/2)
11.12.2024 14:43