AWS STS is an AWS service that allows you to request temporary security credentials for your AWS resources, for IAM authenticated users and for users that are authenticated in AWS, such as federated users via OpenID or SAML 2.0.
You use STS to provide trusted users with temporary access to resources via API calls, your AWS console or the AWS command line interface (CLI).
The temporary security credentials work exactly like the regular long-term security access key credentials allocated to IAM users, except that the lifecycle of the access credentials is shorter.
Typically an application will make an API request to AWS STS…
Hava is an application that analyses your cloud configuration and maps out the discovered networks and resources when connected to your AWS, Azure or GCP accounts.
After connecting your cloud accounts, you end up with a set of diagrams visualising your network infrastructure and resources as well as AWS security group diagrams and trusted advisor management reports.
If you are using AWS to build solutions that consist of more than a handful of resources you will appreciate the need for accurate network documentation. By far, the best form of documentation to be able to easily communicate how your AWS network is constructed is a network topology diagram.
Mapping out your VPCs, regions, subnets and resources allows you to see exactly what is running where and how resources are connected. …
AWS Trusted Advisor is a service that inspects all the resources present in your AWS account and suggests improvements to bring them in line with AWS best practices.
When you first start using AWS it is reasonably easy to keep track of what you have running; however, as time goes on and your account footprint grows, you may start to get sub-optimal scenarios in terms of cost management and performance that go unnoticed.
You may have orphaned resources, unused or obsolete snapshots, storage volumes that are no longer in use, resources that are not attached to instances, the list goes…
Hava will now allow you to share individual diagram views using iframe embed code without the need for plug-ins, special API access, complex code or lengthy command line instructions.
Any of the diagrams you have generated automatically by connecting your cloud accounts, or have generated using custom on-the-fly queries and deep search may be embedded into other web properties or applications that support iframes.
Typically used for:
For instance, you could embed a diagram related to a development or support ticket in Jira.
The embedded diagram is live and…
When you are working with AWS cloud infrastructure, accurate network topology diagrams play a major part in monitoring and internally communicating the design of your AWS infrastructure.
Being able to visualise all of your AWS components and resources in diagram form assists in understanding what is running where and also helps experienced engineers spot vulnerabilities and redundancy issues in network design.
The main problem with documenting AWS components has always been the time it takes to manually draw diagrams. Depending on the complexity of your infrastructure, it can take days or even weeks to accurately depict what AWS components you…
CloudFormation is a method of provisioning AWS infrastructure using code. It allows you to model a collection of related resources, both AWS and third party, to provision them quickly and consistently.
AWS CloudFormation also provides you with a mechanism to manage the resources through their lifecycle.
CloudFormation is designed to help you manage your AWS resources, especially associated resources. You can use CloudFormation to group resources with dependencies into stacks using templates.
CloudFormation works by defining your AWS resources in a structured text file in either JSON or YAML formats. This is known as a CloudFormation template. …
Amazon Aurora is an AWS RDS database service that brings together enterprise performance and scalability at pricing that’s more associated with harder to scale open source solutions.
Amazon Aurora is compatible with PostgreSQL and MySQL, which provides low-friction pathways when selecting a database for new projects or porting the databases from existing products.
AWS claim that Aurora is up to 5 times faster than MySQL and 3 times faster than PostgreSQL from the outset and will automatically scale to meet the demands of your applications. The database instances scale in increments of 10GB up to a maximum of 64TB…
No one needs network documentation, until they do.
Understanding existing cloud infrastructure, communicating the state of play with internal and external stakeholders and quickly responding to unexpected events are all well-known reasons to keep on top of your cloud documentation.
There are also some less obvious, but equally important reasons to maintain an up to date set of cloud infrastructure documentation. Let’s take a look at some of the top reasons to document and automate your cloud network topology.
Auto generating your cloud infrastructure instead of manually drawing your cloud diagrams ensures that you are seeing…
AWS security groups act as a virtual firewall for your EC2 instances to control inbound and outbound traffic.
“Security groups act at the instance level, not the subnet level. Therefore, each instance in a subnet in your VPC could be assigned to a different set of security groups.” — AWS Documentation
Trawling through your VPC flow logs helps provide visibility into your network traffic to detect anomalous traffic and provides insights; however, it still comes with its own risk of error.
Generating a visual diagram from the source of truth with automated layouts to display your network infrastructure as it…
Tech Writer, Developer, Marketer and Generator of Leads.