How to count all resources in AWS Organizations and find the problematic ones, or multi-account strategy in action:
https://aws.amazon.com/blogs/mt/identify-aws-resources-at-risk-across-your-multi-account-environment-with-aws-organizations-integrations/
#Organizations #multi_account_strategy
Amazon
Identify AWS resources at risk across your multi-account environment with AWS Organizations integrations | Amazon Web Services
With numerous AWS accounts in an organization, receiving an external security finding like a vulnerability assessment or pen test report impacting multiple resources can be challenging. Without a centralized resource viewing and search capability, identifying…
How are your environments and AWS accounts split up?
Anonymous Poll
16%
Everything in a single AWS account.
11%
A separate AWS account for Prod, everything else in another AWS account.
5%
Several AWS accounts with no clear separation.
43%
Multi-account: a separate AWS account for each environment.
14%
Other variations of multi-account setups and strict separation.
21%
👀 View results
Terraform AWS Cloud Control Provider
https://aws.amazon.com/blogs/devops/quickly-adopt-new-aws-features-with-the-terraform-aws-cloud-control-provider/
Terraform AWS Cloud Control Provider features:
▫️ Developed by AWS and HashiCorp over four years, leveraging the AWS Cloud Control API.
▫️ Supports new AWS services and features immediately upon release via automatic generation from AWS Cloud Control API.
▫️ Best for using newly released AWS features and services that are not yet available in the standard Terraform AWS Provider.
#Terraform
# AWS Cloud Control provider
provider "awscc" {
  region = "us-east-1"
}

# Standard AWS provider
provider "aws" {
  region = "us-east-1"
}
Amazon
Quickly adopt new AWS features with the Terraform AWS Cloud Control provider | Amazon Web Services
AWS customers using Terraform as their IaC tool can now benefit from faster time-to-market by building cloud infrastructure with the latest AWS innovations that are typically available on the Terraform AWS CC Provider on the day of launch.
Terraform best practices from AWS
https://docs.aws.amazon.com/prescriptive-guidance/latest/terraform-aws-provider-best-practices/introduction.html
Backend
▫️ Use S3 for remote storage
▫️ Facilitate team collaboration
▫️ Separate the backends for each environment
▫️ Actively monitor remote state activity
Code
▫️ Implement a standard repository structure
▫️ Structure for modularity
▫️ Follow naming conventions
▫️ Use attachment resources
▫️ Use default tags
▫️ Meet Terraform Registry requirements
▫️ Use recommended module sources
▫️ Follow coding standards
Versions
▫️ Use TFLint
▫️ Monitor new releases
Modules
▫️ Use variables for customization
▫️ Understand dependencies
▫️ Use trusted sources
#Terraform
Hey folks!
On June 4-5th, we invite you to the conference Let's Talk #Security by DevOpsDays Ukraine community ⚙️
🛡 A two-day virtual event is dedicated to security integration throughout the IT lifecycle. We'll discuss context-based security, cloud hacking scenarios, information security in the cloud, defense against cyberattacks and the complexities of cyber warfare, vulnerability management implementation with AWS services, OWASP Top Web Application Security Risks, and more.
Presentations, ignite talks and open space discussion await you!
Check out agenda & register 👉 https://www.devopsdays.com.ua
When? June 4-5
Where? Online
Join for free!
"You're rolling out migrations kind of slowly," the backend developers told the DevOps engineer, right before it became their responsibility.
#friday_fun
📊 Get powerful visuals and deep insights to optimize costs on AWS with Cloud Intelligence Dashboards.
https://catalog.workshops.aws/awscid/en-US/dashboards
Foundational
▪️ CUDOS Dashboard
▪️ Cost Intelligence Dashboard
▪️ KPI Dashboard
Advanced
▪️ Compute Optimizer Dashboard
▪️ Trusted Advisor Organizational Dashboard
▪️ Cost Anomaly Dashboard
▪️ Extended Support - Cost Projection
▪️ Graviton Opportunities Dashboard
Additional
▪️ Trends Dashboard
▪️ DataTransfer Cost Analysis Dashboard
▪️ AWS Marketplace Single Pane of Glass Dashboard
▪️ Kubecost Containers Cost Allocation Dashboard
▪️ SCAD Containers Cost Allocation Dashboard
#Cost_Optimization #QuickSight
Essential reading for understanding S3 buckets:
https://blog.plerion.com/things-you-wish-you-didnt-need-to-know-about-s3/
🔹 S3 buckets are the S3 API
🔸 ListObjects is not the only way to get object keys
🔹 Incomplete multipart uploads are Schrodinger’s objects
🔸 Multipart upload listings leak principal ARNs
🔹 Access control lists can grant access based on email
🔸 Storage class is uploader’s choice
🔹 Pretty much everything is uploader’s choice
🔸 S3 will tell you the bucket owner if you ask nicely
🔹 Keys are case sensitive
🔸 More ways to make a bucket public
#S3
Plerion
Things you wish you didn't need to know about S3
S3 is weirder than you think. Make sure you know all the quirks before they turn into vulnerabilities in your AWS infrastructure.
An easy way to schedule creating and deleting NAT Gateway
https://github.com/aws-samples/create-and-delete-ngw
Create/Delete EIP, NATGW and change VPC route using EventBridge and Step Functions.
#NATGW
ARM 64 GitHub Runners 🎉
https://github.blog/2024-06-03-arm64-on-github-actions-powering-faster-more-efficient-build-systems/
💰 They cost a third less:
https://docs.github.com/en/billing/managing-billing-for-github-actions/about-billing-for-github-actions#per-minute-rates-for-arm64-powered-larger-runners
⚠️ For now only for Team/Enterprise plans. By the end of the year, for everyone else.
#GitHub #ARM #Sustainability
The GitHub Blog
Arm64 on GitHub Actions: Powering faster, more efficient build systems
GitHub Actions now offers Arm-hosted runners with images built by Arm for developers to begin building on the latest and most sustainable processors on the market.
Can a Security Group reference a Security Group from another VPC connected via VPC Peering?
Anonymous Quiz
34%
No
19%
Yes, but only if both VPCs are in the same AWS Account
23%
Yes, but only if both VPCs are in the same AWS Region
24%
Yes
Amazon Q Developer command line completions
https://docs.aws.amazon.com/amazonq/latest/qdeveloper-ug/command-line-inline.html
✅ current shell context
✅ recent shell history
Support:
▫️ Linux
▫️ macOS
#Q
Hurry, a great opportunity, the number of spots is limited! 😃
https://www.linkedin.com/jobs/view/3924284452/
How to run CI/CD on AWS: aws-ci-cd-accelerator from Epam
https://github.com/epam/aws-ci-cd-accelerator/tree/develop
The link points to the develop branch, where AI features have been added in the second version, because of course they have.
P.S. The diagram is a worthy competitor to How to run Wordpress on AWS. 😀
#CICD #Epam
OpenSearch Serverless will now cost a mere $180 per month at the minimum.
https://aws.amazon.com/about-aws/whats-new/2024/06/amazon-opensearch-serverless-entry-cost-half-collection-types/
#OpenSearch
Amazon
Amazon OpenSearch Serverless slashes entry cost in half for all collection types - AWS
Discover more about what's new at AWS with Amazon OpenSearch Serverless slashes entry cost in half for all collection types
☸️ 10 Years of Kubernetes 🎉 🥳
https://kubernetes.io/blog/2024/06/06/10-years-of-kubernetes/
#Kubernetes
My first Kubernetes version
Anonymous Poll
5%
1.0-1.3
4%
1.4-1.5
5%
1.6-1.7
6%
1.8-1.9
10%
1.10-1.12
13%
1.13-1.15
19%
1.16-1.19
10%
1.20-1.24
4%
1.25+
23%
👀 View results