Taking notes on a conference with smartphone and Bluetooth keyboard

21 May 2019, Dávid Csákvári
This month I’ve attended the Craft Conference. Last time I used my laptop to take notes, but this time, I tried a new setup to save some space in my backpack: an Android smartphone with a Bluetooth keyboard.

Why a multi-account setup is essential for secure systems

14 May 2019, Tamás Sallai
All too often I see companies having opened an AWS account jump right in and start deploying systems. This is fine when the project is in the development phase without production resources like databases filled with customer data or third-party integrations. But time goes on and at one point the system under development goes into production and while everybody is happy that it finally happened – and quite possibly the easing of the time pressure – few think about how to it will be secure in the long run. More often than not, this single account will be used for continuing development next to the production resources.

CloudFormation CLI workflows

07 May 2019, Tamás Sallai
Despite my ambivalent feeling about CloudFormation I use it a lot, but managing stacks through the Console is a pain. Fortunately, this service enjoys the same CLI support most other ones do, so it is just a matter of scripting to make it more developer-friendly.

How to check if your Reserved Instances are used

30 April 2019, Tamás Sallai
Maybe you have a few instances that are running 24/7 and you were thinking about using Reserved Instances (RIs for short) to save a significant amount of money. After all, according to AWS, a reduction of up to 75% is quite significant. Then you made the leap and paid for the reservation, and you are sleeping better knowing that the next bill will be considerably smaller than the last one.

Editors' Favourites

Despite my ambivalent feeling about CloudFormation I use it a lot, but managing stacks through the Console is a pain. Fortunately, this service enjoys the same CLI support most other ones do, so it is just a matter of scripting to make it more developer-friendly.
One of the most catastrophic of the AWS account security breaches is not sophisticated hacking involving 0-day vulnerabilities traded on the deep web by high-profile hackers. It is when you post your access and secret keys in plain text to the public. After all, it’s so easy to test with some hard-coded keys and accidentally push it to the VCS.
S3 signed URLs provide fine control over who can access private resources. It is flexible regarding both the permission side and also on the ease of automation.
Why some projects are clean, easy-to-read, and performant, while others a convoluted mess? Why, when making a modification, in some codebases everything falls into place immediately, while in others it’s more like walking on a minefield?