KMS Encryption of Autoscaled Instance Volumes

A lot of effort is put into securing the file system of your servers, and security can be brought into question if volumes are not being encrypted. This can be a challenge with autoscaled instance groups and encrypted AMIs. Whenever I created an autoscaled application, I would apply the necessary permissions to the launch configuration through a role, only to have instances go into a starting stage and then shut down.

Lambda Pattern: Hopper

Reusable patterns for Lambda

Hopper: A container for a loose bulk material such as grain, rock, or rubbish, typically one that tapers downward and is able to discharge its contents at the bottom. A person or thing that hops.

A simple pattern I’ve been using lately when working with serverless architecture is what I’ve been calling a hopper, i.e. a Lambda function that takes as an argument a path to some semi-structured data that can be iterated over and then passed on to another Lambda function with the purpose of performing some well-defined and isolated task.

AWS Config and Resource Tags

An infrastructure piece I’ve been working on over the last fortnight is enforcing tags on resources in the AWS account environment. If you’ve worked in an Amazon account that hosts multiple environments with different resource types and jobs, you will know it can quickly become difficult to tell if some resource is necessary or not; it may have been created by another team member and no one remembers if it’s used anymore.