AWS

I Used Amazon Q CLI to Build a Feature for Amazon Q CLI (And It Was Mind-Bending)

Ever wondered what it’s like to use an AI tool to improve itself? I just spent 2 hours using Amazon Q CLI to build a new feature for Amazon Q CLI, and the experience was genuinely mind-bending.

AWS Lands in New Zealand: What the ap-southeast-6 Region Means for Kiwi Cloud Builders

Summary: AWS just flipped the switch on their newest region: Asia Pacific (New Zealand) - ap-southeast-6. After years of routing traffic through Sydney, Kiwi organizations finally have a local AWS presence. This isn’t just about national pride — it’s about single-digit millisecond latency, data sovereignty, and unlocking cloud-native architectures that were previously cost-prohibitive.

AWS VPC Route Server: The Game-Changer for Dynamic Routing You've Been Waiting For

Summary: AWS just dropped a networking feature that’s going to change how we think about VPC routing forever. VPC Route Server brings dynamic routing capabilities directly into your VPC, automatically handling failover scenarios that used to require complex scripting or third-party solutions. If you’ve ever wrestled with static routes and manual failover for network appliances, this one’s for you.

Building AI-Powered Life Management Systems: The AWS Infrastructure Approach

Daniel Miessler just dropped a fascinating deep-dive into building what he calls a “Personal AI Infrastructure” (PAI) - essentially an AI-powered life management system that handles everything from content creation to security assessments. While his approach uses Claude Code and local tooling, it got me thinking about how we could architect something similar using AWS services.

The Bedrock AgentCore Toolkit: A New "Easy Button" for AI Agents

Let’s be honest. The most exciting part of building an AI agent is the agent itself—the logic, the prompts, the creative problem-solving. The least exciting part? The ceremony. The boilerplate. The tedious dance of wrapping our code in an API, writing a Dockerfile, managing ECR repositories, and wrestling with deployment scripts to get our creation into the cloud.

🕹️ AWS-Powered Tetris: Building a Retro Game with Amazon Q and Amplify

There’s something magical about the games we grew up with. The simple mechanics, the blocky graphics, and the maddeningly catchy music are etched into our collective memory. So when AWS announced the Build Games Challenge, a global event to recreate these classics using modern AI tools, I knew I had to jump in.

Cost-Effective Workflow Automation: Deploying n8n on Amazon Lightsail

Recently I’ve been trying out n8n as a workflow automation tool and I’m really enjoying the flexibility it offers. Of course, being an AWS Community Builder I would naturally run this on AWS Fargate as the n8n software is available as a container, however to keep the costs down I ended up running it on Amazon Lightsail.

Unlocking Cloud Savings: Your Guide to FSx and S3 Intelligent-Tiering with Python Magic! 🚀

Hey there, tech enthusiasts! Ever stared at your AWS bill and wondered, “Where did that come from?” Yeah, me too. Especially when diving deep into services like FSx for NetApp ONTAP and considering the magic of S3 Intelligent-Tiering to keep those storage costs in check.

Streamline Your Cloud Compliance: Mastering Time-Based AMI Copies with AWS

Hey there, Tech Friends! 👋 Let’s talk about something that might not sound super exciting at first glance, but trust me, if you’re wrestling with cloud infrastructure, especially in regulated industries, this is pure gold. We’re diving deep into the newly announced Time-based Copy for Amazon Machine Images (AMIs).

Unleash the Power of EBSight for Optimal AWS Storage Management 🚀

Hey there, tech aficionados! 👋 Recently, AWS dropped a neat minor update – they started showing the full size of your EBS snapshots. Game changer! This isn’t just the incremental stuff; it’s the data footprint.

Mastering AWS Security: Why You Should Avoid Using the Root User for Everyday Tasks

Hey there, tech enthusiasts! Ever felt that little thrill of power when you get root access on a system? It’s like holding the keys to the kingdom, right?

A Reminder of the Power of AWS Config

Today, I was reminded of the rich content stored in AWS Config and how easily it can reveal so much about an AWS Organisation across one or many accounts.

Ensuring Seamless Connectivity - The Crucial Role of Failover testing in AWS Direct Connect

👋 Hey there! Setting up the Direct Connect service is reserved for a select few. Typically, the network dudes handle this intricate task. However, understanding this service is crucial, especially when establishing hybrid cloud connectivity.

GitHub Self-Hosted Runners on AWS CodeBuild

👋 Hey there! I’ve written before about establishing Self-Hosted Runners within github.com here. However, this involves deploying API endpoints and integrating with GitHub via a WebHook. It’s not hard to establish, but it’s extra work to look after, update, and manage.

Creating shared github-actions

👋 Hey there!

AWS Windows SSM Port Forwarding, too easy

👋 Hey there! Recently, I had to configure some Windows boxes for a project and was reminded of how simple it was to access them without needing a Bastion host by using SSM port forwarding. 🙌

Supercharge Your AWS CloudWatch Metrics with Lambda Powertools

In this post, I’ll show you how easy it is to publish custom metrics into AWS CloudWatch using AWS Lambda Powertools and the CloudWatch EMU Specification.

How to sync containers from GitHub Container Registry to AWS ECS

Back in June last year I wrote about syncing containers from DockerHub to AWS ECS.

github-actions in CodeBuild

This month AWS released support for github-actions in CodeBuild. https://aws.amazon.com/about-aws/whats-new/2023/07/aws-codebuild-github-actions

Route 53 Resolver Magic

This post covers some core concepts of Route 53 Resolvers and how they can help establish inbound and outbound name resolution with your on-premise and AWS resources.

Unlock the Hidden Power of VPC Sharing in AWS

As rightly stated here by Aidan Steele (AWS Hero), VPC Sharing appears to be the forgotten superpower.

AWS Config Rules Blessed with Cloudformation cfn-guard Support!

They said it was coming, and here it is! Support for defining custom cfn-guard rules for AWS Config via Cloudformation.

AWS GP3 Volumes

AWS made the following announcement at re:Invent 2020

AWS Managed Prefix Lists

Some time ago AWS released a new feature called Customer Managed Prefix Lists.

Bootstrap Terraform on AWS

The Challenge: Terraform is a great product for managing infrastructure on AWS; however, many people start by creating an IAM user and sharing access keys in configuration files. This is really bad from a security perspective, as these often get checked into version control and, even worse, into a public repo.

Cloudformation FirewallPolicy UPDATE_FAILED

While I have a fond love for Cloudformation, sometimes I find myself banging my head against a wall when trying to get past an error.

Config Conundrum

AWS Config: At our organisation we use custom config rules to help us achieve near real-time compliance and remediation.

Getting started with cfn-guard

Update: Link to official AWS blog post here. A fair few policy-as-code tools are popping up these days. This post looks at getting started with cfn-guard to parse AWS Config Resource JSON outputs.

Github Runner ECS Authentication

Using this fantastic open-source project, we have enabled github-actions using ephemeral self-managed runners on AWS SPOT.

github-actions - How did I not see that

This post is about a mistake I made that wasted a fair bit of time on my side until the folks over in Support set me straight :)

github-actions AWS Authentication with OIDC for GitHub Enterprise

There are many blog posts about how to use github-actions OIDC with AWS; however, they all refer to using GitHub.com and don’t provide some easy steps if you are running your own GitHub Enterprise instance.

How to sync containers to AWS ECS the easy way

Back in November 2021 AWS announced that you can cache containers from DockerHub through to ECS.

How to use cfn-guard with AWS Config

I’m not sure when but AWS Config now supports using Guard rules to determine the compliance of resources. This is a pretty neat integration and one of the first I’ve seen from AWS on a side Open Source Project they have created.

Prowler on AWS

Prowler is an awesome open source tool for auditing AWS settings within an account or many accounts across an organisation.

Security Hub now supports Custom AWS Config Rules

AWS recently announced an integration that I’m a little excited about!

Terraform, github-actions & OIDC on AWS

I’ve posted here how to configure the OIDC AWS Provider & GitHub Enterprise integration; however, nothing is better than an example of it working, and this post covers just that!

Up and running with AWS Network Firewall - Part 1

This post is the first in a series to share my learnings as I get to grips with AWS Network Firewall.

Up and running with AWS Network Firewall - Part 2

The second post in my series as I share my learnings with AWS Network Firewall.

Up and running with AWS Network Firewall - Part 3

The third post in my series as I share my learnings with AWS Network Firewall.

When Enterprise IT systems migrate to AWS

So we’ve all seen the marketing slides… Company x saved 40% in infrastructure costs. Company y collapsed their monolith into 40 Lambdas. But what happens when an on-prem system that has hummed its tune in the local Data Centre for years and the vendor has never even thought of a cloud migration or even contemplated what capabilities exist in Public Cloud?

Dude Scale My Runners

In our GitHub Enterprise Instance, we use the super-linter to keep all our users honest and lint everything.

Integrating GitHub with AWS EventBridge

Ever since I saw this announcement, I’ve been dying to get a chance to set it up and play with it. That time is now!

Possibly the Greatest Log Insights CloudTrail Query Ever!

AWS CloudTrail has a wealth of information that often gets forgotten and unchecked.

The Power of Self-Hosted github-actions

github-actions is a CI/CD (Continuous Integration/Continuous Deployment) platform integrated into GitHub, allowing users to automate software development workflows, such as building, testing, and deploying code.

Unleashing the power of AWS Athena on Transit Gateway Flow Logs

AWS Transit Gateway Flow Logs provide valuable insights into the traffic flowing through your network. However, analyzing this data can be challenging, especially if you have many logs to sift through.

AWS Prefix Lists for the Organization

AWS Managed Prefix lists are a really powerful way of abstracting the details of CIDR Blocks into something meaningful for the humble cloud engineer.

Process GitHub Workflow Events with AWS Stepfunctions

This is the next part of integrating GitHub Enterprise Managed User events into the AWS Serverless ecosystem.
