Chariot Day 2022: Finding the Signal in the Noise
One of the greatest joys of working at Chariot is having coworkers who are curious and eager to share their knowledge.
Limiting Cross-stack References in CDK
Several years ago I wrote CloudFormation Tips and Tricks, in which I gave the advice to “use outputs lavishly, exports sparingly.” The reason is that when you export a value from one stack and import it into another you bind those stacks tightly together, and can’t change that exported value. For example, you might create … Read More
TechChat Tuesdays #53: Boycotting Wayland, and banishing the leap second
Podcast: Play in new window | Download (Duration: 44:44 — 41.0MB) | Embed
From the Chariot Blog We’ve always got great content on the Chariot blog, written by our developers: it’s got over 20 years of tech reviews, tutorials, and more. We’re celebrating our 20th anniversary here at Chariot. Check out this post written by our fearless leader and CEO, Mike Rappaport, on how Chariot’s unique approach has … Read More
The Serverless Stack (SST) Platform
Serverless Stack (serverless-stack.com) is another rapid serverless application development platform for AWS. SST (as it is also known) promises to streamline development and allow local debug of AWS Lambdas. It uses the AWS CDK and a set of its own constructs and configuration settings to make building serverless applications easier, and provide a more helpful … Read More
Keith Gregory: Mitigating Log4Shell with AWS
Deploying your applications in the Cloud, and using the services it provides, is one good way to mitigate the possibility of future attacks.
Managing Internet Access for AWS Workloads
Two months ago I didn’t give much thought to controlling a program’s access to the Internet. Then Log4Shell happened. This post looks at three ways that you can control what an in-VPC application is allowed to talk to.
Side Project Spotlight: IoT with Al Iacovella
Building a holiday light display for his own home spurred Al Iacovella’s interest in microcontrollers, data, and the internet of things.
Using Cloud Deployments To Mitigate Log4Shell and Similar Vulnerabilities
It’s been a week since CVE-2021-44228, a remote code execution vulnerability in Log4J 2.x, hit the world. Hopefully by now everybody reading this has updated their Java deployments with the latest Log4J libraries. But no doubt there’s another vulnerability, in some popular framework or library, just waiting to make its presence known. This post is about Cloud features that act to minimize the blast radius of such vulnerabilities.
First Look at Amazon Redshift Serverless
Amazon Redshift’s launch in 2012 was one of the “wow!” moments in my experience with AWS. Here was a massively parallel database system that could be rented for 25 cents per node-hour. Here we are in 2021, and AWS has just announced Redshift Serverless, in which you pay for the compute and storage that you use, rather than a fixed monthly cost for a fixed number of nodes with a fixed amount of storage. And for a lot of use cases, I think that’s a great idea. So I spent some time kicking the tires, and this is what I learned.
Rightsizing Data for Athena
Amazon Athena is a service that lets you run SQL queries against structured data files stored in S3. It takes a “divide and conquer” approach, spinning up parallel query execution engines that each examine only a portion of your data. The performance of these queries, however, depends on how you consolidate and partition your data. In this post I compare query times for a moderately large dataset, looking for the “sweet spot” between number of files and individual file size.