Sometimes a resource, such as AWS::EC2::EIP, does support tags but not in CloudFormation. The request for tagging support in CloudFormation has been outstanding at AWS for quite some time now. So in this blog, we will show you how to add tags to any resource using a CloudFormation custom provider.

Read more...

In this blog we show you how to store secrets in Google Cloud Platform using Berglas. Berglas combines the features of Google Cloud Storage, Google Key Management Serviceand Google Identity and Access management to create a secret store. It stores secrets safely and needs explicit authorization to access them. Google Cloud Platform logs any access to the secrets in the audit trail.

Read more...

This blog post describes how you can create a complete VPC, including the calculation of subnets with the use of the Fn::Cidr intrinsic function, an internet gateway, route tables, routes and subnet associations using Rubycfn. The product of this Rubycfn script is a CloudFormation template that you can deploy. Check out Rubycfn at https://github.com/dennisvink/rubycfn or try out the online Rubycfn compiler at https://rubycfn.com/ Introduction Rubycfn is a CloudFormation abstraction layer and deployment orchestration tool. Read more...

When you look at AWS services like CodeBuild, CodeCommit, CodePipeline and ECR, you would think it is very easy to create a simple CI/CD build pipeline for a docker image. But it is not. In this blog we will introduce a CloudFormation template which creates a serverless CI/CD pipeline for Docker images. The template allows you to create CI/CD pipelines for Docker images in minutes!

Read more...

AWS Global Accelerator is an awesome service which was announced in 2018, but unfortunately without CloudFormation support. In this blog we show you how to configure your accelerators, listeners and endpoint groups in CloudFormation using a custom provider.

Read more...

This blog post describes how to use the AWS Global Accelerator with a simple service across two regions, deployed with Terraform. AWS Global Accelerator is a networking service that improves the availability and performance of the applications that you offer to your global users. The source code can be found on GitHub: https://github.com/binxio/tf-global-accelerator I used a lot of inspiration from the following blog post by Adrian Hornsby: “Multi-region serverless backend”. Read more...

One of the best kept secrets of the AWS CLI should be the ‘alias’ feature. It’s a native feature of AWS. In this blog post I’ll describe how to get started and show you a couple of my most used aliases so far. cat > ~/.aws/cli/alias <<! [toplevel] whoami = sts get-caller-identity cf = cloudformation cfls = !f() { aws cloudformation list-stacks }; f ! Now try your new aliases. Read more...

TrendMicro DeepSecurity provides intrusion detection and threat mitigation for your virtual machine instances on AWS. In this blog, we will introduce you to the CloudFormation custom provider for TrendMicro DeepSecurity. With this provider you can deploy both EC2 instances and DeepSecurity policies and rules from a single CloudFormation template.

Read more...

I love CloudFormation, and I love Terraform. I use both tools often in blog posts, in courses, and at clients. I often get the question to choose between CloudFormation and Terraform. In this blog post, I want to share a couple of CloudFormation features to help you make a choice. Features that are easy to use and are important considerations when selecting the right tool when running production workloads. Read more...

At some point in your application’s lifecycle, there might come a time when you need to start scaling your data storage. If you are storing media files or other blobs that have no relations between them, you can easily add storage capacity to solve the problem. For (semi-)structured data in a database however, scaling is a whole different story. Simply adding database instances is not enough. You will need to reconsider the usage patterns and decide what solution solves the problem you have. Read more...