AWS Bites
AWS Bites is the weekly show where we answer questions about AWS! This show is brought to you by Eoin Shanaghy and Luciano Mammino, certified AWS experts.
126. Bastion Containers
This episode discusses solutions for securely accessing private VPC resources for debugging and troubleshooting. We cover traditional approaches like bastion hosts and VPNs and newer solutions using containers and AWS services like Fargate, ECS, and SSM. We explain how to set up a Fargate task with a container image with the necessary tools, enable ECS integration with SSM, and use SSM to start remote shells and port forwarding tunnels into the container. This provides on-demand access without exposing resources on the public internet. We share a Python script to simplify the process. We suggest ideas for improvements like auto-scaling the container down when idle. Overall, this lightweight containerized approach can provide easy access for debugging compared to managing EC2 instances.
💰 SPONSORS 💰
AWS Bites is brought to you by fourTheorem, an AWS consulting partner with tons of experience with AWS. If you need someone to help you with your ambitious AWS projects, check out https://fourtheorem.com
In this episode, we mentioned the following resources:
Our previous episode "78. When do you need a bastion host?": https://awsbites.com/78-when-do-you-need-a-bastion-host
Basti - Securely connect to RDS, Elasticache, and other AWS resources in VPCs with no idle cost: https://github.com/basti-app/basti
Our gist with a Python script you can adjust to your needs: https://gist.github.com/eoinsha/157f6d869d0033f80a8da5757e8781f7
Do you have any AWS questions you would like us to address?
Leave a comment here or connect with us on X, formerly Twitter:
- https://twitter.com/eoins
- https://twitter.com/loige
125. A first look at CloudFront Hosting Toolkit
In this episode, we discuss the newly announced CloudFront Hosting Toolkit from AWS. We provide an overview of the tool, which aims to simplify deploying modern front-end applications to AWS while retaining infrastructure control. We discuss the current capabilities and limitations and share our hands-on experiences trying out the tool. We also talk about alternatives like Vercel and Amplify, and the tradeoffs between convenience and control. Overall, the toolkit shows promise but is still early-stage. We are excited to see it evolve to support more frameworks and use cases.
In this episode, we mentioned the following resources:
CloudFront Hosting Toolkit official announcement: https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-cloudfront-hosting-toolkit/
Previous episode "80. Can you do private static websites on AWS?": https://awsbites.com/80-can-you-do-private-static-websites-on-aws/
Previous episode "3. How do you deploy a static website on AWS?": https://awsbites.com/3-how-do-you-deploy-a-static-website-on-aws/
CloudFront functions: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-functions.html
CloudFront Key-Value Store: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/kvs-with-functions.html
Sandro Volpicella's article on CloudFront Hosting Toolkit: https://blog.awsfundamentals.com/cloudfront-hosting-toolkit
Open Next: https://open-next.js.org/
Coolify: https://coolify.io/
124. S3 Performance
In this episode, we discuss some tips and tricks for optimizing performance when working with Amazon S3 at scale. We start by giving an overview of how S3 works, highlighting the distributed nature of the service and how data is stored redundantly across multiple availability zones for durability. We then dive into specific tips like using multipart uploads and downloads, spreading the load across key namespaces, enabling transfer acceleration, and using S3 byte-range fetches. Overall, we aim to provide developers building S3-intensive applications with practical guidance to squeeze the most performance out of the service.
💰 SPONSORS 💰
AWS Bites is brought to you by fourTheorem, an AWS consulting partner with tons of experience with S3. If you need someone to work with to optimise your S3-based workloads, check us out at fourtheorem.com!
In this episode, we mentioned the following resources:
Our previous episode on S3 best practices: https://awsbites.com/83-bucket-list-of-s3-best-practices
“Deep dive on Amazon S3” (re:Invent talk from 2021): https://www.youtube.com/watch?v=FJJxcwSfWYg
More recent re:Invent talk on Amazon S3 (with updated data) - We discovered this one just after the recording: https://youtu.be/sYDJYqvNeXU
Multi-part upload user guide: https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html
Code examples from the SDK (high-level and low-level APIs): https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpu-upload-object.html
Node.js official helper library (@aws-sdk/lib-storage): https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-lib-storage/
Example on how you can implement byte-range fetches: https://docs.aws.amazon.com/AmazonS3/latest/userguide/example_s3_Scenario_UsingLargeFiles_section.html
s3-getobject-accelerator library: https://github.com/widdix/s3-getobject-accelerator
aws-c-s3 library: https://github.com/awslabs/aws-c-s3
S3 storage lens: https://aws.amazon.com/s3/storage-lens/
Docs on S3 Transfer Accelerator: https://docs.aws.amazon.com/AmazonS3/latest/userguide/transfer-acceleration-examples.html
Performance Guidelines for Amazon S3: https://docs.aws.amazon.com/AmazonS3/latest/userguide/optimizing-performance-guidelines.html
Performance Design Patterns for Amazon S3: https://docs.aws.amazon.com/AmazonS3/latest/userguide/optimizing-performance-design-patterns.html
123. What do you need to know about DynamoDB?
In this episode, we provide a comprehensive overview of DynamoDB, including how it compares to relational databases, when to use it, how to get started, writing and querying data, secondary indexes, and single table design. We share our experiences using DynamoDB and discuss the pros and cons compared to traditional SQL databases.
💰 SPONSORS 💰
AWS Bites is brought to you by fourTheorem. If you need someone to work with you to build the best-designed, highly available database on AWS, give us a shout. Check us out on fourtheorem.com!
In this episode, we mentioned the following resources:
Our previous episode "122. Amazing Databases with Aurora": https://awsbites.com/122-amazing-databases-with-aurora/
Configurable Maximum Throughput on On-Demand tables: https://aws.amazon.com/about-aws/whats-new/2024/05/dynamodb-configurable-maximum-throughput-on-demand-tables/
Best practices for designing and using partition keys effectively: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-partition-key-design.html#bp-partition-key-partitions-adaptive
The DynamoDB Book: https://dynamodbbook.com/
Alex DeBrie’s podcast / YouTube (not about DynamoDB per se but still worth a shout!): https://www.youtube.com/@SoftwareHuddle
One of Rick Houlihan’s talks on DynamoDB: https://www.youtube.com/watch?v=xfxBhvGpoa0
122. Amazing Databases with Aurora
In this episode, we provide an overview of Amazon Aurora, a relational database solution on AWS. We discuss its unique capabilities like distinct storage architecture for better performance and faster recovery. We cover concepts like Aurora clusters, reader and writer instances, endpoints, and global databases. We also compare the serverless versions V1 and V2, noting that V2 is more enterprise-ready while V1 scales to zero. We touch on billing and additional features like the data API, RDS query editor, and RDS proxy. Overall, Aurora is powerful and scalable but not trivial to use at global scale. It's best for serious enterprise use cases or variable traffic workloads.
In this episode, we mentioned the following resources:
Amazon Relational Database Service (RDS): https://aws.amazon.com/rds/
Amazon RDS Aurora: https://aws.amazon.com/rds/aurora/
RDS Aurora Serverless: https://aws.amazon.com/rds/aurora/serverless/
Cost calculator for cost comparison: https://calculator.aws/#/estimate?id=4f950b71be8b31438dd12c7aebc9beae3f88179e
Cloudonaut podcast and blog post about Aurora Serverless V2: https://cloudonaut.io/review-aurora-serverless-v2/
121. 5 Ways to extend CloudFormation
In this episode, we discuss 5 different ways to extend CloudFormation capabilities beyond what it natively supports. We started with a quick recap of what CloudFormation is and why we might need to extend it. We then covered using custom scripts and templating engines, which can be effective but require extra maintenance. We recommended relying instead on tools like Serverless Framework, SAM, and CDK which generate CloudFormation templates but provide abstractions and syntax improvements. When you need custom resources, CloudFormation macros allow pre-processing templates, while custom resources and the CloudFormation registry allow defining new resource types. We summarized recommendations for when to use each approach based on our experience. Overall, we covered multiple options for extending CloudFormation to support more complex infrastructure needs.
💰 SPONSORS 💰
AWS Bites is brought to you by fourTheorem, an AWS Partner that specialises in modern application architecture and migration. If you are curious to find out more and to work with us, check us out on fourtheorem.com!
In this episode, we mentioned the following resources:
Ep. 31 "Cloudformation or Terraform": https://awsbites.com/31-cloudformation-or-terraform/
Serverless Framework: https://www.serverless.com/
SAM (Serverless Application Model): https://aws.amazon.com/serverless/sam/
CDK (Cloud Development Kit): https://aws.amazon.com/cdk/
Ep. 119 "The state of AWS 2024 (AnsWeRS community survey commentary)": https://awsbites.com/119-the-state-of-aws-2024-answers-community-survey-commentary/
Ep. 93 "CDK Patterns - The Good, The Bad and The Ugly": https://awsbites.com/93-cdk-patterns-the-good-the-bad-and-the-ugly/
SLIC Watch: https://github.com/fourTheorem/slic-watch
AWS SSO Utils by Ben Kehoe: https://github.com/benkehoe/aws-sso-util
JavaScript library to safely create custom CloudFormation resources: https://www.npmjs.com/package/safe-cfn-custom-resource
CloudFormation CLI: https://github.com/aws-cloudformation/cloudformation-cli
CloudFormation CLI docs: https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/what-is-cloudformation-cli.html
Cloudonaut podcast "3½ ways to workaround missing CloudFormation support": https://cloudonaut.io/three-and-a-half-ways-to-workaround-missing-cloudformation-support/