When you create a new AWS account, one of the best practices to follow is to remove all the default VPC resources. So when the 4.0 AWS Provider released it was really exciting as they included a new option to help destroy this: So going ahead you’d think you could now simply do this. resource […]
Adding Terraform AWS Cost Policies using Infracost and Checkov
Building cloud infrastructure isn’t cheap but it is extremely accessible. While we apply service control policies to limit the accessibility of certain resources for security purposes, can we apply the same tools to examine cost? The answer is, yes. Infracost is available to provide insights before deployment by examining the Terraform plan. This provides us […]
How To Save Money On AWS
While moving to consumption based spending from a data center can be advantageous for many reasons, companies still need to pay attention to their spends and have the ability to optimize them beyond just through workload management. This article will explore options to help mitigate costs from the procurement level. Compute Savings Plans The lowest […]
9 AWS Security Quick Wins
Security does not have to be cumbersome, expensive, and complex. When working with AWS there are some simple and cost effective actions that can be taken to improve your overall security posture. Delete Default VPCs Deleting default VPCs is both good for security and cost management. Removing unused networks removes the ability for compute resources […]
Secure Access Service Edge (SASE) and Zero Trust Security for Small Businesses and Startups
When designing infrastructure we should minimize the blast radius. We should be designing for isolation and segmentation and limiting ingress and egress. In an ideal state there will be no entrance. Nothing would be allowed in. So is it possible to design a network where this is possible? The answer is, yes. We can design […]
Using Cloudflare for Public AWS Resources Securely
Using Cloudflare is an easy way to add security and performance improvements without breaking the bank. Plans start for free and provide access to the Cloudflare DNS and CDN https://www.cloudflare.com/plans/application-services/. You generally attach a security group with inbound rule 0.0.0.0/0 after setting up your public AWS resource. When using Cloudflare, there is a more secure […]
Kanban Dependency Management
Agile Development with Kanban One of my favorite methods of doing Agile development is with Kanban. The process is simple, fluid, and easily communicates project information to stakeholders. Kanban allows us to move to a Just-In-Time (JIT) method, which let’s face it – everyone wants everything today, now. Kanban Dependency Management So you switch over […]
JPA and FlywayDB Together with Spring Boot
If you’ve used Spring Data JPA or FlywayDB for SQL generation, the next step is to use JPA and FlywayDB together for robust DB creation and migration work. JPA is great for entities. FlywayDB is great for writing more complex SQL statements and data population. If you have the bright idea like I did to combine […]
Distributed Agile Development with a Global Team
Businesses need distributed Agile Development to offer a first class service with 24×7 support. There are strategic benefits in the Agile software development life-cycle (SDLC) outside of cost benefits to this approach. Distributed Agile Teams Most teams that try to do Agile Development end up with a Frankenstein process that keeps the spirit but lacks execution. The […]
Architecting with the Millennial Engineer
You have a web application that you have maintained for a few years, relatively bug free, and stable. Your business is growing and you’re adding new features so you go out and find a new software engineer – a millennial engineer – just out of school. The new engineer is eager and excited, quickly sets up […]