by Dan Roncadin | Chief Consultant at Taos AWS re:Invent, one of the most highly anticipated cloud events of the year, did not disappoint. Every year AWS continues to put out a more comprehensive set of services, and sets the bar even higher. They’ve gone from being a provider of infrastructure and foundational components, to offering […]
Extract, Transform and Load (ETL) is a common method for taking disparate data from other systems and transforming then pushing to another system. We see this method used in many industries and processes repeated daily. However, the ETL process when using the cloud has not always been so straight forward. You could argue there are […]
Your superior asks you and a coworker for the list of systems on the network. You both consult your sources and come up with completely different answers. Who’s right? Both of you. Your coworker consulted the source of record, the CMDB. Pulling from the CMDB gives your coworker the list of all approved systems, including, […]
FOR IMMEDIATE RELEASE Contact Taos – Main: 408-588-1200 / Toll Free: 888-826-7686 Taos Achieves Advanced Tier Partner Status in the Amazon Web Services Partner Network San Jose, CA – 17 April, 2017 – Taos, a preeminent supplier of Cloud, IT consulting and managed services, has achieved Advanced Tier Partner status in the Amazon Web Services […]
by Brandon Knitter | Technical Consultant at Taos Amazon’s most recent outage has garnered a lot of buzz in the industry. Google for “amazon outage 2017” and you’ll find results that range from acknowledgement to outrage. My opinion will fall somewhere in between. Let’s be honest, shit happens and infrastructure fails (both hardware and software). […]
by Brandon Knitter | Technical Consultant at Taos The software industry has seen a lot of change over the past many years. There was the mainframe. At some point we moved to client-server. The web gave birth to the three-tier architecture. Eventually there was SOA, and CORBA reared it’s head like a dyslexic snake. There […]
I often need to work with multiple AWS accounts. There are personal accounts, business accounts, and various client accounts. This adds up to a lot of different credentials. I need a way of quickly and accurately switching between these various credential sets while making it clear to me which account I’m currently working with.
The CLI is a must for any serious work in AWS, but it doesn’t have a great way of managing multiple accounts or credentials. There is a profile system that can be set up in the ~/.aws/config file but that requires tacking –profile onto every command which is easily forgotten and leads to challenges scripting across multiple environments. Otherwise, the CLI relies on environment variables like AWS_ACCESS_KEY_ID being set.
While advising companies on their AWS environments, a few core issues come up again and again. These issues present real challenges for organizations moving to broader adoption and aren’t easily remedied with a quick fix.
1. Cost Management – Moving away from upfront capital expenditures to on-demand usage based pricing is a primary driver of many clients’ cloud adoption strategy. It’s easy at first. The bills start small, a few hundred or thousand dollars a month. Low enough for someone to expense on a purchasing card. Soon they get bigger, 10’s of thousands per month, then 100’s of thousands. At this point, it is a serious expense and starts raising questions about efficiency and forecasting.
The Amazon AWS service API is an essential tool for automating the deployment, monitoring, and management of AWS resources. To grant programs the necessary API access, a common technique is to create AWS access keys and store them in configuration files, or even hardcoded into source code. I employed this method in last month’s installment, Implementing A Custom AWS Dashboard.
However, using keys in this way adds a security risk. Keys stored in configuration files or source code are at risk for unauthorized disclosure, and these keys grant unrestricted access to all your account’s AWS functions, far broader access than is usually necessary for a particular task. AWS Identity and Access Management (IAM) roles offer a solution to both problems.
CloudWatch is an Amazon Web Services (AWS) service that automatically collects a wide range of performance and health data about your AWS resources. This data is available through an API, and also can be viewed as graphs on the AWS console. However the graphs are located on the separate console pages for each type of resource (e.g. EC2, RDS, load balancer, etc). The dispersed locations make it impossible to have a single dashboard view of multiple AWS resources.