(All tags.)
When Lambda@Edge first came out, I added it to my blog’s CloudFront distribution in order to add security headers. Then, when Lambda@Edge added Python support, I converted my function from JavaScript to Python.
I’ve mentioned CloudFront’s speed, or lack thereof, several times in my past posts.
I previously blogged about how I configured my CloudFront hosted website to score A+ on securityheaders.com. I worked around CloudFront’s lack of an “add headers” feature by adding a Lambda@Edge function in JavaScript.
I previously covered how I scored A+ for security headers on my site, which uses AWS CloudFront. I didn’t touch on scoring A+ for your TLS configuration though.
Instance Recovery is a little-advertised, little-used feature of EC2. It doesn’t take long to set up and promises to recover your instance on the rare occasion that the underlying hardware fails. Recovery resumes the instance on new hardware, retaining its instance ID, private IP addresses, Elastic IP addresses, and all instance metadata.
Sometimes when testing CloudFormation features I need a minimum viable template to try that feature with.
I’ve been working with CloudFormation in some form for about five years now. Two years ago at Time Out, I helped write an in-house tool that performed some basic template linting. One year ago at Genus AI, I started using the AWS Labs tool cfn-lint to validate my templates before deployment. It’s really neat, covers a lot more than our in-house tool did, and has saved me from a number of mistakes.
CloudFormation’s stack drift detection feature is useful. It discovers ways your infrastructure that you beautifully set up with Infrastructure-as-Code has been fiddled with manually. Often this results from a “quick temporary fix” being applied manually on the web console at 2am, then forgotten about.
I received a cheery notification email (twice) from AWS that they’re deprecating Ubuntu 14.04 on CodeBuild:
This is a recipe I’ve used on a number of projects. It combines pytest fixtures with Botocore’s Stubber for an easy testing experience of code using Boto3. (Botocore is the library behind Boto3.)
On Saturday, I posted my guide on Scoring A+ for Security Headers in Django, following my talk at DjangoCon Europe. I thought it would be a good idea to step up and make my own site score A+, rather than a dismal F! My site isn’t built in Django, but as a Jekyll static site. It’s hosted on AWS S3 and CloudFront.
On Thursday I gave a workshop at DjangoCon Europe on deploying a Django application on AWS Lambda. I gave participants a Git repository to clone and temporary AWS keys to individual, restricted IAM users on my Workshops AWS account.
Update (2025-06-01): The above feed is no longer available.
This is a problem I've seen several times over the past few years.
AWS just announced Amazon H3 (the Highly Hospitable Hotel), available now in us-east-1 and coming years later to the region you actually use. They’re leveraging all the infrastructure they have built for their data centres to create a new style of ‘pay as you go’ hotel. Here are some of the features and pricing schemes available at launch:
I gave a talk at the recent London Ansible Meetup on how I cleared up unexplained nameless/‘anonymous’ EC2 instances from our AWS account at YPlan. This is the blog post version of that talk, so you can follow along and stop such instances appearing on your account and sapping money!