In this episode, we discuss Luciano's new book project on using Rust to write AWS Lambda functions. We start with a recap on why Rust is a good fit for Lambda, including performance, efficiency, safety, and low cold start times. Luciano provides details on the book's progress so far, the intended audience, and the current published chapters covering Lambda internals, getting started with Rust Lambda, and building a URL shortener app with DynamoDB. We also explore the differences between traditional publishing and self-publishing, and why Luciano chose the self-publishing route for this book. Luciano shares insights into the writing process with AsciiDoc, code samples, SVG image generation, and using Gumroad for distribution. He invites feedback from listeners who have experience with Rust and Lambda. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem. If you are looking for a partner to architect, develop and modernise on AWS, give fourTheorem a call. We have also been working with some of our customers to rewrite some of their most used Lambda functions in Rust, greatly reducing cost and improving performance. If all of this sounds interesting, check us out at ⁠⁠⁠https://fourtheorem.com⁠⁠⁠ In this episode, we mentioned the following resources: Our previous episode "64. How do you write Lambda Functions in Rust?": https://awsbites.com/64-how-do-you-write-lambda-functions-in-rustCrafting Lambda Functions in Rust book's website: https://rust-lambda.com/The official Rust book (available for free): https://doc.rust-lang.org/book/James Eastham awesome YouTube channel: https://www.youtube.com/@serverlessjamesAI as a Service book: https://www.manning.com/books/ai-as-a-serviceNode.js Design Patterns book: https://www.nodejsdesignpatterns.com/Liran Tal's awesome AsciiDoc book starter template: https://github.com/lirantal/asciidoc-book-starter Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠⁠⁠

An overview of load balancers, explaining how they distribute traffic across multiple servers and provide high availability. We discuss layer 4 and layer 7 load balancers, detailing their pros and cons. We then focus on AWS load balancers, covering network load balancers and application load balancers in depth, including their features, use cases, and pricing models. We conclude by mentioning some alternatives to AWS load balancers. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem an AWS consulting partner with tons of experience with AWS. If you need someone to help you with your ambitions AWS projects, check out ⁠⁠https://fourtheorem.com⁠⁠ In this episode, we mentioned the following resources: Our previous episode "88. What is VPC Lattice?": https://awsbites.com/88-what-is-vpc-lattice/ Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠⁠⁠

This episode discusses solutions for securely accessing private VPC resources for debugging and troubleshooting. We cover traditional approaches like bastion hosts and VPNs and newer solutions using containers and AWS services like Fargate, ECS, and SSM. We explain how to set up a Fargate task with a container image with the necessary tools, enable ECS integration with SSM, and use SSM to start remote shells and port forwarding tunnels into the container. This provides on-demand access without exposing resources on the public internet. We share a Python script to simplify the process. We suggest ideas for improvements like auto-scaling the container down when idle. Overall, this lightweight containerized approach can provide easy access for debugging compared to managing EC2 instances. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem an AWS consulting partner with tons of experience with AWS. If you need someone to help you with your ambitions AWS projects, check out ⁠https://fourtheorem.com⁠ In this episode, we mentioned the following resources: Our previous episode "78. When do you need a bastion host?": https://awsbites.com/78-when-do-you-need-a-bastion-hostBasti - Securely connect to RDS, Elasticache, and other AWS resources in VPCs with no idle cost: https://github.com/basti-app/bastiOur gist with a Python script you can adjust to your needs: https://gist.github.com/eoinsha/157f6d869d0033f80a8da5757e8781f7 Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠⁠⁠

In this episode, we discuss the newly announced CloudFront Hosting Toolkit from AWS. We provide an overview of the tool, which aims to simplify deploying modern front-end applications to AWS while retaining infrastructure control. We discuss the current capabilities and limitations and share our hands-on experiences trying out the tool. We also talk about alternatives like Vercel and Amplify, and the tradeoffs between convenience VS control. Overall, the toolkit shows promise but is still early-stage. We are excited to see it evolve to support more frameworks and use cases. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem an AWS consulting partner with tons of experience with AWS. If you need someone to help you with your ambitions AWS projects, check out https://fourtheorem.com In this episode, we mentioned the following resources: CloudFront Hosting Toolkit official announcement: https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-cloudfront-hosting-toolkit/ Previous episode "80. Can you do private static websites on AWS?": https://awsbites.com/80-can-you-do-private-static-websites-on-aws/Previous episode "3. How do you deploy a static website on AWS?": https://awsbites.com/3-how-do-you-deploy-a-static-website-on-aws/CloudFront functions: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-functions.htmlCloudFront Key-Value Store: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/kvs-with-functions.htmlSandro Volpicella's article on CloudFront Hosting Toolkit: https://blog.awsfundamentals.com/cloudfront-hosting-toolkitOpen Next: https://open-next.js.org/Coolify: https://coolify.io/ Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠⁠⁠

In this episode, we discuss some tips and tricks for optimizing performance when working with Amazon S3 at scale. We start by giving an overview of how S3 works, highlighting the distributed nature of the service and how data is stored redundantly across multiple availability zones for durability. We then dive into specific tips like using multipart uploads and downloads, spreading the load across key namespaces, enabling transfer acceleration, and using S3 byte-range fetches. Overall, we aim to provide developers building S3-intensive applications with practical guidance to squeeze the most performance out of the service. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem an AWS consulting partner with tons of experience with S3. If you need someone to work with to optimise your S3-based workloads, check out at ⁠⁠⁠⁠⁠⁠fourtheorem.com⁠⁠⁠⁠⁠⁠! In this episode, we mentioned the following resources: Our previous episode on S3 best practices: https://awsbites.com/83-bucket-list-of-s3-best-practices“Deep dive on Amazon S3” (re:Invent talk from 2021): https://www.youtube.com/watch?v=FJJxcwSfWYgMore recent re:Invent talk on Amazon S3 (with updated data) - We discovered this one just after the recording: https://youtu.be/sYDJYqvNeXUMulti-part upload user guide: https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.htmlCode examples from the SDK (high-level and low-level APIs): https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpu-upload-object.htmlNode.js official helper library (@aws-sdk/lib-storage): https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-lib-storage/Example on how you can implement byte-range fetches: https://docs.aws.amazon.com/AmazonS3/latest/userguide/example_s3_Scenario_UsingLargeFiles_section.htmls3-getobject-accelerator library: https://github.com/widdix/s3-getobject-acceleratoraws-c-s3 library: https://github.com/awslabs/aws-c-s3S3 storage lens: https://aws.amazon.com/s3/storage-lens/Docs on S3 Transfer Accelerator: https://docs.aws.amazon.com/AmazonS3/latest/userguide/transfer-acceleration-examples.htmlPerformance Guidelines for Amazon S3: https://docs.aws.amazon.com/AmazonS3/latest/userguide/optimizing-performance-guidelines.htmlPerformance Design Patterns for Amazon S3: https://docs.aws.amazon.com/AmazonS3/latest/userguide/optimizing-performance-design-patterns.html Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠⁠⁠

In this episode, we provide a comprehensive overview of DynamoDB, including how it compares to relational databases, when to use it, how to get started, writing and querying data, secondary indexes, and single table design. We share our experiences using DynamoDB and discuss the pros and cons compared to traditional SQL databases. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem. If you need someone to work with you to build the best-designed, highly available database on AWS, give us a shout. Check us out on ⁠⁠⁠⁠⁠fourtheorem.com⁠⁠⁠⁠⁠! In this episode, we mentioned the following resources: Our previous episode "122. Amazing Databases with Aurora": https://awsbites.com/122-amazing-databases-with-aurora/Configurable Maximum Throughput on On-Demand tables: https://aws.amazon.com/about-aws/whats-new/2024/05/dynamodb-configurable-maximum-throughput-on-demand-tables/Best practices for designing and using partition keys effectively: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/bp-partition-key-design.html#bp-partition-key-partitions-adaptiveThe DynamoDB Book: https://dynamodbbook.com/Alex DeBrie’s podcast / YouTube (not about DynamoDB per se but still worth a shout!): https://www.youtube.com/@SoftwareHuddleOne of Rick Houlihan’s talks on DynamoDB: https://www.youtube.com/watch?v=xfxBhvGpoa0 Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠⁠⁠

In this episode, we provide an overview of Amazon Aurora, a relational database solution on AWS. We discuss its unique capabilities like distinct storage architecture for better performance and faster recovery. We cover concepts like Aurora clusters, reader and writer instances, endpoints, and global databases. We also compare the serverless versions V1 and V2, noting that V2 is more enterprise-ready while V1 scales to zero. We touch on billing and additional features like the data API, RDS query editor, and RDS proxy. Overall, Aurora is powerful and scalable but not trivial to use at global scale. It's best for serious enterprise use cases or variable traffic workloads. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem. If you need someone to work with you to build the best-designed, highly available database on AWS, give us a shout. Check us out on ⁠⁠⁠⁠fourtheorem.com⁠⁠⁠⁠! In this episode, we mentioned the following resources: Amazon Relational Database Service (RDS): https://aws.amazon.com/rds/Amazon RDS Aurora: https://aws.amazon.com/rds/aurora/RDS Aurora Serverless: https://aws.amazon.com/rds/aurora/serverless/Cost calculator for cost comparison: https://calculator.aws/#/estimate?id=4f950b71be8b31438dd12c7aebc9beae3f88179eCloudonaut podcast and blog post about Aurora Serverless V2: https://cloudonaut.io/review-aurora-serverless-v2/ Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠⁠

In this episode, we discuss 5 different ways to extend CloudFormation capabilities beyond what it natively supports. We started with a quick recap of what CloudFormation is and why we might need to extend it. We then covered using custom scripts and templating engines, which can be effective but require extra maintenance. We recommended relying instead on tools like Serverless Framework, SAM, and CDK which generate CloudFormation templates but provide abstractions and syntax improvements. When you need custom resources, CloudFormation macros allow pre-processing templates, while custom resources and the CloudFormation registry allow defining new resource types. We summarized recommendations for when to use each approach based on our experience. Overall, we covered multiple options for extending CloudFormation to support more complex infrastructure needs. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, an AWS Partner that specialises in modern application architecture and migration. If you are curious to find out more and to work with us, check us out on ⁠⁠⁠fourtheorem.com⁠⁠⁠! In this episode, we mentioned the following resources: Ep. 31 "Cloudformation or Terraform": https://awsbites.com/31-cloudformation-or-terraform/Serverless Framework: https://www.serverless.com/SAM (Serverless Application Model): https://aws.amazon.com/serverless/sam/CDK (Cloud Development Kit): https://aws.amazon.com/cdk/Ep. 119 "The state of AWS 2024 (AnsWeRS community survey commentary)": https://awsbites.com/119-the-state-of-aws-2024-answers-community-survey-commentary/Ep. 93 "CDK Patterns - The Good, The Bad and The Ugly": https://awsbites.com/93-cdk-patterns-the-good-the-bad-and-the-ugly/SLIC Watch: https://github.com/fourTheorem/slic-watchAWS SSO Utils by Ben Kehoe: https://github.com/benkehoe/aws-sso-utilJavaScript library to safely create custom CloudFormaion resources: https://www.npmjs.com/package/safe-cfn-custom-resourceClouformation CLI: https://github.com/aws-cloudformation/cloudformation-cliCloudformation CLI docs: https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/what-is-cloudformation-cli.htmlCloudonaut podcast "3½ ways to workaround missing CloudFormation support": https://cloudonaut.io/three-and-a-half-ways-to-workaround-missing-cloudformation-support/ Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠

In this episode, we discuss best practices for working with AWS Lambda. We cover how Lambda functions work under the hood, including cold starts and warm starts. We then explore different invocation types - synchronous, asynchronous, and event-based. For each, we share tips on performance, cost optimization, and monitoring. Other topics include function structure, logging, instrumentation, and security. Throughout the episode, we aim to provide a solid mental model for serverless development and share our experiences to help you build efficient and robust Lambda applications. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, an AWS Partner that specialises in modern application architecture and migration. We are big fans of serverless and we have worked on quite a few serverless projects even at a massive scale! If you are curious to find out more and to work with us, check us out at ⁠⁠fourtheorem.com⁠⁠! In this episode, we mentioned the following resources: Ep. 110 "110. Why should you use Lambda for Machine Learning?": https://awsbites.com/110-why-should-you-use-lambda-for-machine-learning/Ep. 108 "How to Solve Lambda Python Cold Starts": https://awsbites.com/108-how-to-solve-lambda-python-cold-starts/Ep. 104 "Explaining Lambda Runtimes": https://awsbites.com/104-explaining-lambda-runtimes/Ep. 92 "Decomposing the Monolith Lambda": https://awsbites.com/92-decomposing-the-monolith-lambda/Ep 64 "How do you write Lambda Functions in Rust?": https://awsbites.com/64-how-do-you-write-lambda-functions-in-rust/Ep 65 "Solving SQS and Lambda concurrency problems": https://awsbites.com/65-solving-sqs-and-lambda-concurrency-problems/Ep 10 "Lambda or Fargate for containers?": https://awsbites.com/10-lambda-or-fargate-for-containers/Ep 4. "What language should you use for Lambda?": https://awsbites.com/4-what-language-should-you-use-for-lambda/Ep 6. "Is AWS Lambda cheap or expensive?": https://awsbites.com/6-is-aws-lambda-cheap-or-expensive/Article: "What do you need to know about SNS?": https://fourtheorem.com/what-do-you-need-to-know-about-sns/Article: "What can you do with EventBridge": https://fourtheorem.com/what-can-you-do-with-eventbridge/Article: "What do you need to know about SQS?": https://fourtheorem.com/what-do-you-need-to-know-about-sqs/Yan Cui's video about using Lambda Destinations instead of DLQs: https://www.youtube.com/watch?v=hOetf6YN3zoProfiling functions with AWS Lambda Power Tuning: https://docs.aws.amazon.com/lambda/latest/operatorguide/profile-functions.htmlBlog post by Luca Mezzalira about hexagonal architectures for Lambda: https://aws.amazon.com/blogs/compute/developing-evolutionary-architecture-with-aws-lambda/Ep 41 "How can Middy make writing Lambda functions easier?": https://awsbites.com/41-how-can-middy-make-writing-lambda-functions-easier/SLIC Watch for automated dashboards and alarms: https://github.com/fourTheorem/slic-watchEp 35 "How can you become a Logs Ninja with CloudWatch?": https://awsbites.com/35-how-can-you-become-a-logs-ninja-with-cloudwatch/Ep 34 "How to get the most out of CloudWatch Alarms?": https://awsbites.com/34-how-to-get-the-most-out-of-cloudwatch-alarms/Ep 33 "What can you do with CloudWatch metrics?": https://awsbites.com/33-what-can-you-do-with-cloudwatch-metrics/ Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠

In this episode, we provide commentary and analysis on the 2024 AWS Community Survey results. We go through the key findings for each area including infrastructure as code, CI/CD, serverless, containers, NoSQL databases, event services, and AI/ML. While recognizing potential biases, we aim to extract insights from the data and share our perspectives based on experience. Overall, we see increased adoption across many services, though some pain points remain around developer experience. We hope this format provides value to listeners interested in cloud technology trends. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, an AWS Partner that does CLOUD stuff really well, check us out on ⁠fourtheorem.com⁠! In this episode, we mentioned the following resources: The 2024 Answers for AWS Survey results: https://answersforaws.com/2024"GitHub Actions Feels Bad" by fasterthanlime (video): https://www.youtube.com/watch?v=9qljpi5jiMQ"Doing serverless with Terraform": https://serverless.tf/Our event services series (YouTube playlist): https://www.youtube.com/playlist?list=PLAWXFhe0N1vLHkGO1ZIWW_SZpturHBiE_Our previous episode about machine learning and SageMaker "How to automate transcripts with Amazon Transcribe and OpenAI Whisper": https://awsbites.com/63-how-to-automate-transcripts-with-amazon-transcribe-and-openai-whisper/ Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠

In this episode, we provide an introductory overview of AWS's best practices for managing infrastructure using multiple accounts under an organization. We discuss the advantages of this approach and how to get started creating your own multi-account environment, or "landing zone". 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, an AWS Partner that does CLOUD stuff well, including helping you set up your AWS organisation! If that’s something you are looking for, go to fourtheorem.com to read more about us and to get in touch! In this episode, we mentioned the following resources: AWS Definition of Landing Zone: https://docs.aws.amazon.com/prescriptive-guidance/latest/strategy-migration/aws-landing-zone.htmlSeries of articles "Managing AWS accounts like a PRO": https://fourtheorem.com/managing-aws-accounts-part-1/AWS Organizations service: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.htmlIAM Identity Center service: https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.htmlControl Tower: https://docs.aws.amazon.com/controltower/latest/userguide/what-is-control-tower.htmlorg-formation: https://github.com/org-formation/org-formation-cliOur previous episode "AWS Governance and landing zone with Control Tower, OrgFormation and Terraform": https://awsbites.com/96-aws-governance-and-landing-zone-with-control-tower-org-formation-and-terraformgranted.dev: https://granted.devAWS SSO util: https://github.com/benkehoe/aws-sso-utilLeapp: https://www.leapp.cloud/Cloud Glance: https://cloudglance.dev/ Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠

In this episode, we provide an overview of Amazon EBS, which stands for Elastic Block Storage. We explain what block storage is and how EBS provides highly available and high-performance storage volumes that can be attached to EC2 instances. We discuss the various EBS volume types, including GP3, GP2, provisioned IOPS, and HDD volumes, and explain how they differ in performance characteristics like IOPS and throughput. We go over important concepts like IOPS, throughput, and volume types so listeners can make informed decisions when provisioning EBS. We also cover EBS features like snapshots, encryption, direct API access, and ECS integration. Overall, this is a comprehensive guide to understanding EBS and choosing the right options based on your workload needs. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, an AWS Partner that does CLOUD stuff really well. Go to fourtheorem.com to read about our case studies! In this episode, we mentioned the following resources: EBS Official Documentation: https://docs.aws.amazon.com/ebs/latest/userguide/what-is-ebs.htmlEBS Direct Access API: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-accessing-snapshot.htmlEBS internal configuration is implemented as “millions of tiny databases” (paper): https://www.amazon.science/publications/millions-of-tiny-databasesEBS Pricing examples: https://aws.amazon.com/ebs/pricing/#Pricing_examples Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠

In this episode, we discuss AWS Resource Access Manager (RAM) and how it can be used to securely share AWS resources like VPC subnets, databases, and SSM parameters across accounts. We explain the benefits of using RAM over other options like resource policies and assumed roles. Some key topics covered include how to get started with RAM, how it works from the resource owner and resource participant side, and common use cases like sharing VPC subnets, Aurora databases, and SSM parameters. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, the AWS consulting partner with lots of experience with AWS, Serverless, and Lambda. If you are looking for a partner that can help you deliver your next Serverless workload successfully, look no further and reach out to us at ⁠⁠⁠⁠⁠https://fourTheorem.com⁠⁠⁠⁠⁠ In this episode, we mentioned the following resources: Sharing Aurora Databases with RAM (Conor Maher's article): https://fourtheorem.com/using-aws-resource-access-manager-for-development/Blog post "VPC Lattice: The Future of AWS Networking Explained": https://fourtheorem.com/vpc-lattice/Our previous episode dedicated to VPC Lattice: https://awsbites.com/88-what-is-vpc-lattice/VPC Lattice sample code base: https://github.com/fourTheorem/vpc-lattice-demoSharing AWS Systems Manager Parameters official announcement: https://aws.amazon.com/about-aws/whats-new/2024/02/aws-systems-manager-parameter-store-cross-account-sharing/Official documentation for what can be shared with RAM: https://docs.aws.amazon.com/ram/latest/userguide/shareable.html Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠

In this episode, we discuss Permission Boundary policies in AWS IAM. A permissions boundary is an advanced feature in which you set the maximum permissions that an identity-based policy can grant to an IAM entity. When you set a permissions boundary for an entity, the entity can perform only the actions allowed by its identity-based policies and its permissions boundaries. In this episode, we discuss this concept a bit more in detail and we show how it can be used to give freedom to development teams while preventing privilege escalation. We also cover some of the disadvantages that come with using permission boundaries and other things to be aware of. Finally, we will give some practical advice on how to get the best out of Permissions Boundary Policy and get the best out of them. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, the AWS consulting partner with lots of experience with AWS, Serverless, and Lambda. If you are looking for a partner that can help you deliver your next Serverless workload successfully, look no further and reach out to us at ⁠⁠⁠⁠https://fourTheorem.com⁠⁠⁠⁠ In this episode, we mentioned the following resources: Episode 112. "What is a Service Control Policy (SCP)?": https://awsbites.com/112-what-is-a-service-control-policy-scp/IAM Policy Simulator: https://policysim.aws.amazon.com/home/index.jsp?#rolesThe famous RSA paper that introduces Alice and Bob in the world of cryptography: https://web.williams.edu/Mathematics/lg5/302/RSA.pdfA biographical backstory on Alice and Bob: https://urbigenous.net/library/alicebob.html Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠

In this episode, we discuss the new experimental AWS Lambda LLRT Low Latency runtime for JavaScript. We provide an overview of what a Lambda runtime is and how LLRT aims to optimize cold starts and performance compared to existing runtimes like Node.js. We outline the benefits of LLRT but also highlight concerns around its experimental status, lack of parity with Node.js, and reliance on dependencies like QuickJS. Overall, LLRT shows promise but needs more stability, support, and real-world testing before it can be recommended for production use. In the end, we also have an appeal for AWS itself when it comes to investing in the larger JavaScript ecosystem. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, the AWS consulting partner with lots of experience with AWS, Serverless, and Lambda. If you are looking for a partner that can help you deliver your next Serverless workload successfully, look no further and reach out to us at ⁠⁠⁠https://fourTheorem.com⁠⁠⁠ In this episode, we mentioned the following resources: Episode 104. "Explaining Lambda Runtimes": https://awsbites.com/104-explaining-lambda-runtimes/LLRT official repository on GitHub: https://github.com/awslabs/llrtQuickJS official website: https://bellard.org/quickjs/Lambda performance benchmark by Maxime David: https://maxday.github.io/lambda-perf/Richard Davidson on GitHub: https://github.com/richarddavisonFabrice Bellard on Wikipedia: https://en.wikipedia.org/wiki/Fabrice_BellardQuickJS-ng fork: https://github.com/quickjs-ng/quickjsQuickJS issue where users debate whether the project is dead or alive: https://github.com/bellard/quickjs/issues/188WinterCG initiative: https://wintercg.org/ Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠

In this episode, we discuss what to do if you accidentally leak your AWS credentials during a live stream. We explain the difference between temporary credentials and long-lived credentials, and how to revoke each type. For temporary credentials, we recommend using the AWS console to revoke sessions or creating an IAM policy to deny access. For long-lived credentials, you must deactivate and rotate the credentials. We also touch on using tools like HashiCorp Vault to manage credentials securely. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, the AWS consulting partner that doesn’t suck. Check us out at ⁠⁠https://fourTheorem.com⁠⁠ In this episode, we mentioned the following resources: Gist with example policy: https://gist.github.com/lmammino/02fef8ce0cc22a45f219fe4f47fcf20cRevoking IAM role temporary security credentials (official AWS docs): https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_revoke-sessions.html Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠

In this episode, we provide a friendly introduction to Service Control Policies (SCPs) in AWS Organizations. We explain what SCPs are, how they work, common use cases, and tips for troubleshooting access-denied errors related to SCPs. We cover how SCPs differ from identity-based and resource-based policies, and how SCPs can be used to set boundaries on maximum permissions in AWS accounts across an organization. 💰 SPONSORS 💰 AWS Bites is sponsored by fourTheorem, an AWS Partner with plenty of experience setting up AWS accounts and Service Control Policies. If that's something you'd like some help with, reach out to us on social media or check out ⁠https://fourTheorem.com⁠ In this episode, we mentioned the following resources: Episode 96: "AWS Governance and Landing Zone with Control Tower, Org Formation, and Terraform": https://awsbites.com/96-aws-governance-and-landing-zone-with-control-tower-org-formation-and-terraform/Episode 40: "What do you need to know about IAM?": https://awsbites.com/40-what-do-you-need-to-know-about-iam/Conor Maher's repo with some SCP examples: https://github.com/conzy/terraform-demo Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠

In this episode, we discuss how we work as a cloud consulting company, including our principles, engagement process, sprint methodology, and focus on agile development to deliver successful projects. We aim to be trusted partners, not just vendors, and enable our customers' business goals. By the end of this episode, you will know what working with a cloud consulting company like fourTheorem could look like and you might learn some strategies to make cloud projects a success! We will also digress a little into the history of software practices, common misconceptions, and what we believe should be the right way to build software. 💰 SPONSORS 💰 AWS Bites is sponsored by fourTheorem, an AWS Partner with plenty of experience delivering cloud projects to production. If you want to chat, reach out to us on social media or check out https://fourTheorem.com In this episode, we mentioned the following resources. Working with fourTheorem (blog post): https://fourtheorem.com/working-with-fourtheorem/AI as a service, book by Peter Elger and Eoin Shanaghy: https://www.manning.com/books/ai-as-a-serviceMajority of developers spending half, or less, of their day coding, report finds (TechRepublic article): https://www.techrepublic.com/article/majority-of-developers-spending-half-or-less-of-their-day-codin g-report-finds/2023 software.com Future of Work Report: https://www.software.com/reports/future-of-workManaging the Development of Large Software Systems, Dr. WInston W. Royce, 1970: https://www.praxisframework.org/files/royce1970.pdf Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠

In this episode, we discuss using AWS Lambda for machine learning inference. We cover the tradeoffs between GPUs and CPUs for ML, tools like ggml and llama.cpp for running models on CPUs, and share examples where we've experimented with Lambda for ML like podcast transcription, medical imaging, and natural language processing. While Lambda ML is still quite experimental, it can be a viable option for certain use cases. 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, an Advanced AWS Partner. If you are moving to AWS or need a partner to help you go faster, check us out at fourtheorem.com ! In this episode, we mentioned the following resources. Episode "46. How do you do machine learning on AWS?": https://awsbites.com/46-how-do-you-do-machine-learning-on-aws/Episode "108. How to Solve Lambda Python Cold Starts": https://awsbites.com/108-how-to-solve-lambda-python-cold-starts/ggml (the framework): https://github.com/ggerganov/ggmlggml (the company): https://ggml.aillama.cpp: https://github.com/ggerganov/llama.cppwhisper.cpp: https://github.com/ggerganov/whisper.cppwhisper.cpp WebAssembly demo: https://whisper.ggerganov.com/ONNX Runtime: https://onnxruntime.ai/An example of using whisper.cpp with the Rust bindings: https://github.com/lmammino/whisper-rs-exampleProject running Whisper.cpp in a Lambda function: https://github.com/eoinsha/whisper_lambda_cppAWS Lambda Image Container Chest X-Ray Example: https://github.com/fourTheorem/lambda-image-cxr-detectionEpisode "103. Building GenAI Features with Bedrock": https://awsbites.com/103-building-genai-features-with-bedrock/⁠ Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠ - ⁠⁠⁠⁠https://twitter.com/loige⁠⁠

This episode of the AWS Bites Podcast provides an overview of the AWS Project Development Kit (PDK), an open-source tool to help bootstrap and maintain cloud projects. We discuss what PDK is, how it can help generate boilerplate code and infrastructure, keep configuration consistent across projects, and some pros and cons of using a tool like this versus doing it manually. Is PDK something you should use for your cloud projects? Let's find out! 💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, an Advanced AWS Partner. If you are moving to AWS or need a partner to help you go faster, check us out at fourtheorem.com ! In this episode, we mentioned the following resources. The official PDK website (and documentation): https://aws.github.io/aws-pdk/Our previous episode "16. What are the pros and cons of CDK?": https://awsbites.com/16-what-are-the-pros-and-cons-of-cdk/Our previous episode "93. CDK Patterns - The Good, The Bad and The Ugly": https://awsbites.com/93-cdk-patterns-the-good-the-bad-and-the-ugly/Projen's official website: https://projen.io/Introduction talk to Projen at CDK Day 2020: https://www.youtube.com/watch?v=SOWMPzXtTCwOur previous episode "70. How do you create good AWS diagrams?": https://awsbites.com/70-how-do-you-create-good-aws-diagrams/Building a shopping list app with PDK (tutorial): https://aws.github.io/aws-pdk/getting_started/shopping_list_app.htmlPDK in-depth developer guides: https://aws.github.io/aws-pdk/developer_guides/index.htmlOpinion by Vlad Ionescu on X: https://twitter.com/iamvlaaaaaaad/status/1743608823896592640Yeoman: https://yeoman.io/CookieCutter: https://github.com/cookiecutter/cookiecutterTerraform project generation example: https://github.com/conzy/terraform-demo Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠https://twitter.com/eoins⁠⁠⁠ - ⁠⁠⁠https://twitter.com/loige⁠⁠