cloud

Configuring Grafana Alerts with AWS SES to send email alerts

Introduction If you have a couple of servers in your homelab and have set up monitoring, chances are you’ve implemented alerting to notify you when something doesn’t go as expected. Two of the most popular options for managing alerts are Grafana Alerts and Prometheus Alertmanager. Unless you have very specific requirements for alert grouping or silencing—or you don’t use Grafana for visualization—Prometheus Alertmanager might not be your first choice.

Saturday, January 11, 2025 Read

Setting up AWS dynamic VPN using Transit Gateway attachments and BGP

Note This blog post is inspired from one of Adrian Cantrill’s labs in his AWS Advanced Networking course. I highly recommend his content, it helped me pass all of my AWS certs. Feel free to check his courses. The setup for strongswan and FRR BGP was taken from this blog post. Architecture The purpose of this blog post is to demo highly-available AWS VPN with Transit Gateway (TGW) attachments and highlight the steps to setup the TGW, the IPSec tunnels and BGP routing. Setting up VPN is an essential feature in all hybrid cloud estates because it improves the organization’s security posture by encrypting data transmissions and facilitating secure access across both cloud and on-prem environments.

Thursday, July 4, 2024 Read

Checking AWS resource compliance with AWS Config Custom Lambda Rules and Rules Development Kit

Introduction AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. It continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations. AWS Config rules allow you to assess whether your AWS resources comply with certain conditions and policies. There are two types of rules: *AWS Config Managed Rules* and *AWS Config Custom Rules*. AWS Config Managed Rules are predefined, customizable rules created by AWS Config. AWS Config Custom Rules are rules that you create from scratch.

Thursday, June 20, 2024 Read

Exploring AWS Hybrid DNS with R53 outbound/inbound endpoints

Architecture The purpose of this lab is to demo hybrid AWS DNS and highlight the steps to setup the necessary R53 endpoints and resolver rules. Hybrid DNS is a common feature across all IT infrastructures and hopefully this blog post will serve as a basic template to get you started if you are tasked with implementing domain resolution between cloud and onprem. As part of this lab we will implement the architecture below:

AWS
DNS

Tuesday, June 11, 2024 Read

Using Athena and Lambda to get daily notifications about your Cloudfront website requests

The problem After deploying this website I wanted to track the number of daily visitors. While Cloudfront provides default distribution metrics such as the total number of requests and error percentages, my focus was on obtaining the daily count of unique visitors. Cloudfront logs offer numerous fields which offer insights into things such as the source IP, HTTP method, protocol version or response times. These logs are available in two formats: standard, which are delivered multiple times per hour, and real-time. Since my requirement was to analyze the daily number of requests without real-time constraints, I opted for standard logs for my query.

AWS

Wednesday, May 15, 2024 Read

Using Lambda@Edge to overcome limitations of static website hosting with S3 and Cloudfront

The problem This blog is a static website hosted in a S3 bucket which acts as an origin for a Cloudfront distribution. The article that you are currently reading is a post which is located on the URI path ‘/posts’. When I first deployed this website and I tried to access the posts which were displayed perfectly fine in my localhost, I came across the error below:

AWS
fix

Wednesday, May 8, 2024 Read