I use 1Password as my password manager and Ansible to define the configuration of my computer as Infrastructure as Code.
As well as passwords, 1Password can also be used to store other secrets, for example SSH keys. Storing SSH keys in 1Password is great for disaster recovery, as it means that if my computer fails I don’t lose access to systems which require an SSH key for access.

Ansible includes a really useful lookup plugin to retrieve data from 1Password. …
Thanks to tools such as Hugo and Jekyll, static websites are becoming more and more popular. These tools provide a great way to build blogs and other websites which load much faster and are cheaper to host than their dynamic equivalents.

A common way of serving these sites is by uploading the generated HTML to AWS S3 and using the static website hosting functionality.
An improvement on this approach is to combine the S3 bucket with a CloudFront distribution. This improves the speed at which pages are served to users, especially if the website has a global audience. Another benefit to…
Slack apps are great as small, hobby projects. They can also be used to improve productivity in a business. Or just for fun. In this guide I’ll take you through how to build an app for Slack and deploy it to AWS using Terraform and CircleCI.

Recently I created a Slack app that can be used for sharing secrets which was a great learning experience. I used this as the basis for creating a template repo on GitHub which contains everything that’s needed to quickly build and deploy an app for Slack.
This template repo includes Terraform configuration to deploy…
One of the hardest things about learning a new area of software development is understanding how to do things rather than what to do.
What to do is easily learnt from documentation and Stack Overflow. Usually this is just a case of learning a new syntax. But often learning which tools to use can make the difference between something seeming overly complicated or being very easy.
So, if you’re new to working with AWS and Terraform, here are 5 tools which will make your life much easier.

When you first get started with the AWS CLI the documentation tells you…
Using AWS accounts to isolate workloads has long been established as a good practice but it can often be unclear how to manage that process.

AWS recently released Control Tower to make it easier for teams to manage their AWS accounts. But Control Tower has some limitations; for example, it doesn’t yet support existing accounts. And for small teams, or individuals, a simpler approach may be all that’s needed. Hopefully, if you fall into either of those categories, this approach will help you.
As a full-time nerd I often have ideas for projects I want to work on…
A few weeks ago The Scale Factory released s3audit, a command line tool for auditing the settings of AWS S3 buckets.

Since its release s3audit has garnered a modest amount of interest from the wider AWS community. Following the release:
These figures are modest compared with the many popular open source projects which…
These days it can seem like we don’t have to wait very long for another data breach involving an insecure S3 bucket. Such data breaches generally involve private data being stored in an S3 bucket which allows public access.

This year alone we’ve seen data breaches from Teletext Holidays, a 3rd party Facebook application, and Lion Air.
Data breaches like these can easily be avoided by following AWS good practices for securing S3 buckets. This includes ensuring that S3 bucket settings block public access.
s3audit

Today The Scale Factory are releasing s3audit, a CLI tool to audit S3 buckets within an…
You’ve heard all the reasons why you should migrate to Fargate, but what do you need to think about when doing a migration?

You have two options for deploying a containerised application to AWS ECS. With the EC2 launch type you deploy your applications to a fleet of EC2 instances which you manage. The Fargate launch type was announced in November 2017 and allows you to deploy applications to ECS without managing the underlying EC2 instances.
So you’ve decided that you want to migrate from the EC2 launch type to Fargate. The good news is that it’s a relatively easy…
A common strategy when using CodePipeline is to upload files to an S3 bucket as part of the deployment process.
This works great for a simple pipeline where the pipeline and the S3 bucket exist in the same account. But imagine a more complicated situation where you want to deploy artifacts to another AWS account. Such a situation can easily arise if you follow AWS good practice and use different AWS accounts for separation of concerns.

You may be tempted to think that this would be easy. After all, S3 cross-account access is easy, isn’t it? Set up cross-account access for…

Using multiple AWS accounts to provide separation of concerns within a system is a good practice which is increasingly being adopted. This shift has become easier with the introduction of new features which make managing a multi-account system easier.
One of these features is Service Control Policies (SCPs), which make it easier to apply controls to what accounts in an AWS Organization can do.
SCPs are very similar to IAM policies but with an important conceptual difference. Whereas IAM policies apply to principals within an account (users or roles), SCPs apply to accounts as a whole.
While this may seem…

I’m a professional full-stack developer. I love learning new technologies and helping others learn by sharing knowledge. https://www.robbytaylor.io