Rowan Udell

AWS, Serverless, Code, and Security

Understand your Lambda Event Retries

Understanding the differences between the various event types and their retries is important, because it will change how you design and code your application. If you're developing a serverless application in Lambda, you will have to deal with

lambda aws architecture

Secure your CloudFront Distributions

UPDATE: AWS announced over the weekend [https://aws.amazon.com/blogs/security/enhanced-domain-protections-for-amazon-cloudfront-requests/] that they're enhancing protections against this kind of scenario. A few weeks ago a security researcher shared [https://disloops.com/cloudfront-hijacking/] it was possible to

cloudfront aws

Federated CodeCommit Access

CodeCommit access via federated credentials is the way to go. You're not using long-lived Access Keys are you? Bad engineer! Stop that! For better or worse, federated IAM access requires you to use the HTTPS endpoint with a

aws iam codecommit

Serverless Operations Presentation

Last week I presented to the Sydney AWS Lambda User Group [https://www.meetup.com/Sydney-AWS-Lambda-User-Group/events/245247306/] about serverless operations aka. LessOps. Here are the slides I used to talk about the good - and less good - things

serverless aws lambda meetup

Edge Bundling Security Groups Redux

You can now visualise your own EC2 security groups [https://rowanu.github.io/security-groups-edge-bundling/] using edge bundling - No scripts, no downloads! This small web application takes an AWS access key id and secret access key to make requests against

aws visualisation ec2 cloudformation

A last minute guide to re:Invent

I'm fortunate enough to be heading back to AWS re:Invent [https://reinvent.awsevents.com/] this year. If tickets aren't sold out by the time you read this, they will be soon. Here's a

aws reinvent