Using encrypted Amazon machine images from another account in an autoscaling group does not work out of the box. You need to create an explicit KMS grant to make it work. In this blog, I will show you how to configure this in CloudFormation using our custom KMS grant provider in CloudFormation.

Read more...

In this post I will walk you through the challenges I’ve faced when adopting the object type in my Terraform 0.12 modules, and the solutions I came up with to work around the caveats. As an example I will use the google_storage_bucket resource, as this is part of one of the modules I’ve built.

Read more...

As part of the Data lake I’m working on Sagemaker instances for Data Analysts to run analytics jobs. These instances are required on demand, in fact when Analysts are crunching or exploring data. One solution could be to create these instances upfront, at the very start of the job, and clean up the instances once the job has been completed. Yet these instances incur costs, even when stopped thru EBS volumes. Read more...

Of all the sessions I attended at re:Invent 2019, the one I found most interesting was about the Security Benefits of the Nitro architecture.

Although it might sound weird to hear a Cloud Consultant discuss hardware details, what makes it worth going down to this level is, that the Nitro architecture showcases in what ways AWS is innovating in the field of virtualization. I guess that because of this, Werner himself highlighted these features in his keynote.

Read more...

When you look at Google Cloud services like Source Repository and Cloud Build, you would think it is very easy to create a CI/CD build pipeline. I can tell you: it is! In this blog I will show you how to create a serverless CI/CD pipeline for a Docker image, using three resources in Terraform.

Read more...

The Binx team attended re:Invent 2019 in Las Vegas. Bart Verlaat, Thijs de Vries and Bas Harenslak (GoDataDriven) took a few moments to share their experiences and main take-aways from Amazon Web Services’s main event of the year. Embrace Cloud Top-Down “Fantastic to be part of this with our team. It’s been an amazing week. For me personally, to meet our customers but also the other partners with whom we organized the BeNeLux drinks”, said Verlaat. Read more...

In AWS CloudFormation there is no way to set the active receipt rule set of the AWS Simple Email Service. As we strive for 100% reproducibility, we created a custom resource to do just that.

Read more...

Terraform gives you a nice way to orchestrate your Cloud resources. It allows you to organise multiple resources into reusable modules or even separate Terraform runs with data resource as the glue. Maintainability Just like all code it can be challenging to keep maintenance of it from being someone or your own worse nightmare. Typically I find myself moving resources as much as creating them. Especially at the beginning of a project or product, when you create lots of resources. Read more...

Cloud Run is the serverless product on Google Cloud that lets you run serverless containers. After a short period in beta, the product is now generally available and ready for production workloads. Let me tell you three reasons why I think Cloud Run is different!

Read more...

In AWS CloudFormation there is no way to generate SES domain identities or obtain the DKIM tokens required to send and receive emails using AWS Simple Email Service. As we strive for 100% reproducibility, we created a custom provider for both the domain identity and DKIM validation tokens. These custom providers return both the tokens and the required DNS record sets which are required to validate the domain and email sender.

Read more...