In one of my previous blog. I wrote how you could make your life easier when you start using Makefile. But when you start using Makefile in many projects. The targets that you use may vary from project to project.

I have been working as a consultant for over a year now. And I noticed that a lot of our clients are asking for experience on HashiCorp Terraform and AWS. So I figured it might be time to learn something new!

When you use IAM user for programmatic access. You have an ACCESS_KEY and a SECRET_ACCESS_KEY. With these credentials you are able to interact with AWS. A common pattern is that you will use the IAM User to assume roles in the same or even in different AWS accounts. The CLI configuration would look something like this:

Policies and Permission Controls

Access management is a crucial part of managing your workloads. It is also one of the primary areas where debugging can be problematic. In AWS, there are multiple ways to control access to the platform at various levels. These permission policies make it possible to optimize control of applications, programs, and resources, so day-to-day operations run as smoothly as possible. AWS has many options to create secure policies on its platform. Deciding which policies and permission controls to use for different organizations can seem daunting. Organizations rely on AWS Identity and Access Management (IAM) for access management. But there are more options, particularly for larger, more complex organizations with many accounts. Here, we tackle the best use case scenarios for AWS access management according to the needs of different users and organizations, small and large. We also address new developments and guidance in debugging permission errors.

When you start building infrastructure as code. You will run into the situation that, you want to split a stack into separate ones. Or, you deployed a resource in the wrong stack. This is all part of the development lifecycle. You try things, some succeed, some will fail. But deployed production resources are hard to rebuild. They either have a complex data migration path or you can’t afford the downtime.

Most of you have heard of “infrastructure as code” by now. But building cloud infrastructures is more than coding infrastructure. In this blog I will show you how I make my own live easier by generating infrastructure diagrams from code. When you have read my previous blogs about Commit messages done the right way. You are not surprised that I like to make things easy for the reader. When you are new to a team, or you are not familiar with a specific repository that your team maintains. It helps when the README.md of the repository helps you understand what the repository does.

In some scenarios you might have the need to replicate an AWS CodeCommit repository. When I was setting up a test organization using AWS Deployment Framework (ADF) I ran into this myself. Because I want to test the deployment of my landing zone I needed to have a close replica. This includes the CodeCommit setup.
But at the same time I did not want to change the development workflow. The workflow is pretty straight forward. You create a feature branch to work in. When you are ready you merge it to a development branch. When it needs to go to production you merge it into the main branch.
So we will use the development branch to deploy to the test organization. But, because the test organization is a replica of production. Merging to the development branch would not have effect on the test organization. For this we need to synchronize the development branch to the test organization.

Running a git binary in AWS Lambda

In some scenarios it can be easier to use a binary in a lambda function. In this blog post I will walk you through how you can run a git binary in an AWS Lambda.

In this blog post I will walk you through how to configure a single page application or website. In a previous blog Best practices for S3 web hosting and explaining why. Tibor Hercz explained the best practices for hosting a static website on S3. As Tibor explained, there are some downsides on using a Origin Access Identity (OAI). But in some Single Page Applications (SPA) you will not experience this downside.