Blog Archives

supporting Thorn’s campaign by protecting your AWS S3 resources

As alluded to in a previous blog post, We Saw. We Hacked. We Conquered. this is the follow up with the architectural details. Thorn builds technology to defend children from sexual abuse with the goal of bringing this tech to every

Posted in General

Battle of the PaaS. AWS vs Google Cloud Platform

In the wake of Google’s Next ’17 event and the AWS San Francisco Summit 2017, I wanted to continue the AWS vs GCP comparison series.  In this part though, I wanted to focus on each public cloud vendor’s Platform as a Service

Posted in AWS, Cloud Management, GCP, Public Cloud

AWS and GCP, Account vs Project Boundaries

  One of the most interesting differences between GCP and AWS is how each vendor recommends you isolate the blast radius of functional teams.  AWS will tell you that in all likelihood, you will need at least two accounts, but possibly

Posted in AWS, Cloud, Cloud Management, GCP, Public Cloud

Real World Cost Example for Google and AWS

In the wake of Google’s Next ’17 event, and a slew of recent Reserved Instance changes by Amazon Web Services (AWS), it seemed appropriate to compare to see if anything in the public cloud VM pricing has changed, or perhaps

Posted in AWS, Cloud, Cost Optimization, GCP

Pay AWS Less for your Dev and Test Workloads

24×7 environments are handy, but are they required for Dev and Test? I’m going to assume your development team is not leveraging development environments 24 hours a day 7 days a week.  That is to say, I’m assuming you don’t

Tagged with: , ,
Posted in Amazon Web Services, AWS, Cloud, Cost Optimization, Public Cloud

6 Things to know about AWS Elastic Beanstalk

ElasticBeanstalk is AWS’ PaaS, and it’s a powerful platform to accelerate application delivery in AWS’ cloud.  That said, I have come across a few things that have been stumbling blocks for some users of the service, especially as they try

Posted in Amazon Web Services, AWS, Cloud, General, Public Cloud

When Security Best Practices Conflict – AWS KMS vs Whitelists

A while back AWS EBS encryption moved to using KMS (Key Management Service).  This was a welcome change as KMS is a great service that enables some interesting security models around different AWS customers sharing KMS keys and allowing each

Posted in Amazon Web Services, AWS, Cloud, Security

To NAT or to Proxy, That is the Question…

A Better Way to Manage Internet Access for VPC Resources Anyone who has run OpsWorks stacks with private instances relying on NAT for Internet access may have seen firsthand what danger lurks beneath the surface.  These instances will show as unhealthy to OpsWorks

Posted in Amazon Web Services, Cloud, Security

Highly Available Network Address Translation, that friend you love to hate…

if you care about security, you should care about NAT Who is NAT and what is HA? As we outlined in our last blog, Amazon Web Services (AWS) introduced Virtual Private Cloud (VPC) years ago and many advanced networking and

Tagged with: , , , ,
Posted in Cloud, General