Control Tower Guardrails overview (Preventive, Detective and Proactive)

A Guardrail (or Control) is a high-level rule that provides ongoing governance for your overall AWS environment. It’s expressed in plain language. AWS Control Tower implements preventive, detective, and proactive controls that help you govern your resources and monitor compliance across groups of AWS accounts. A control applies to an entire organizational unit (OU), and […]

GitOps for AWS CloudFormation

What is GitOps? GitOps is an operational framework that uses DevOps best practices for application development, such as version control, collaboration, compliance, and CI/CD, and applies them to infrastructure automation. In the GitOps approach, we use a Git repository as the single source of truth for infrastructure definitions. Git is an open-source version control system […]

Moving to AWS Graviton. Why and How?

AWS continuously improves cloud services and introduces new hardware for processing power, but customers usually do not rush to move to newer instance generations. AWS documents state that newer generations are more powerful and cheaper, but what is the difference in numbers? In this post, I researched and compared four generations of the instance type […]

Cloud Intelligence Dashboards Framework for AWS Organization

According to the Shared Responsibility Model, AWS is responsible for “Management of the Cloud”, while a customer is responsible for Security and Operations in the Cloud, plus attention to costs, as AWS provides virtually unlimited capacity on the “pay as you go” model. There are native AWS tools like AWS Trusted Advisor, AWS Cost Explorer, […]

Simulating failures in Amazon Aurora MySQL / PostgreSQL

Clouds allow us to design highly available and fault-tolerant systems quite easily. Moreover, we can use managed services (for example, databases) to reduce the operational overhead and focus on our business logic. Design and implementation are not enough; we should also test how our system tolerates failures and continuously improve it. In this post, we will look […]

Determining data sentiment in the Amazon Aurora database using Amazon Comprehend

Problem statement: Collecting customer feedback is essential for every business. But collecting is not enough. We must understand and react to it to improve our product and grow the business. Processing feedback manually was a common thing earlier, and many companies still do it nowadays, but we live in the era of machine learning, and […]

Retired third-party CloudFormation extensions. Registering a private extension.

Problem statement: A long time ago, we used public third-party CloudFormation extensions to deploy the EKS cluster with deployed Helm charts as part of a single CloudFormation template. AWS has introduced many cool things since then, for example, EKS add-ons, so such an approach may not be entirely relevant nowadays. But in our case, the customer […]