AWS Bites

In this episode of the AWS Bites podcast, we discuss the challenges of hosting private static websites on AWS. We explore why it's important to host internal corporate applications and line of business applications only for internal consumption, and the requirements for doing so. We also evaluate different options for hosting private static websites, including S3 with CloudFront, containers on ECS/Fargate with ALB, API Gateway, and AppRunner. Finally, we summarize the pros and cons of each option and provide a rating for each. If you're looking to host a private static website on AWS, this episode is a must-listen!

💰 SPONSORS 💰

AWS Bites is sponsored by ⁠⁠⁠⁠⁠⁠⁠fourTheorem⁠⁠⁠⁠⁠⁠⁠, an AWS Consulting Partner offering training, cloud migration, and modern application architecture.

In this episode, we mentioned the following resources:

• Our previous episode "How do you deploy a static website in AWS?": https://awsbites.com/3-how-do-you-deploy-a-static-website-on-aws/
• Our previous episode "How do you use Lambda response streaming": https://awsbites.com/77-how-do-you-use-lambda-response-streaming
• Our previous episode "How do you do Functionless APIs?": https://awsbites.com/79-how-do-you-do-functionless-apis
• Open issue on GitHub for private hosted zones support for App Runner: https://github.com/aws/apprunner-roadmap/issues/183

You can listen to AWS Bites wherever you get your podcasts:

• Apple Podcasts:⁠⁠⁠⁠⁠⁠⁠ https://podcasts.apple.com/us/podcast/aws-bites/id1585489017⁠⁠⁠⁠⁠⁠⁠
• Spotify: ⁠⁠⁠⁠⁠⁠⁠https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q⁠⁠⁠⁠⁠⁠⁠
• Google: ⁠⁠⁠⁠⁠⁠⁠https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw==⁠⁠⁠⁠⁠⁠⁠
• Breaker:⁠⁠⁠⁠⁠⁠⁠ https://www.breaker.audio/aws-bites⁠⁠⁠⁠⁠⁠⁠
• RSS: ⁠⁠⁠⁠⁠⁠⁠https://anchor.fm/s/6a3312a0/podcast/rss

In this exciting episode of the AWS Bites podcast, we're diving into the fascinating world of functionless applications. Yes, you heard it right! We'll be exploring how reducing the number of lambda functions can simplify your applications, resulting in lower latency, no cold starts, and cheaper costs.

But don't worry, we still love lambda! We'll be explaining the pros and cons of this approach, taking you through a step-by-step guide on how to use service proxies and manipulate the input for the target service using VTL.

And that's not all! We also share some helpful resources for those interested in learning more about this approach, including blog posts from some of the brightest minds in the field like Alex DeBrie, Sheen Brisals, and Paul Swail.

So, tune in and learn how to simplify your applications, reduce costs, and take your AWS game to the next level with functionless applications!

💰 SPONSORS 💰

AWS Bites is sponsored by ⁠⁠⁠⁠⁠⁠fourTheorem⁠⁠⁠⁠⁠⁠, an AWS Consulting Partner offering training, cloud migration, and modern application architecture.

In this episode, we mentioned the following resources:

• Blog post from Alex DeBrie on API Gateway Service Proxy: https://www.alexdebrie.com/posts/aws-api-gateway-service-proxy/
• Another blog post on Service Proxy by Sheen Brisals: https://sbrisals.medium.com/dont-wait-for-functionless-write-less-functions-instead-8f2c331cd651
• "Some code is more equal than others" by Paul Swail https://serverlessfirst.com/some-code-more-equal/

You can listen to AWS Bites wherever you get your podcasts:

• Apple Podcasts:⁠⁠⁠⁠⁠⁠ https://podcasts.apple.com/us/podcast/aws-bites/id1585489017⁠⁠⁠⁠⁠⁠
• Spotify: ⁠⁠⁠⁠⁠⁠https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q⁠⁠⁠⁠⁠⁠
• Google: ⁠⁠⁠⁠⁠⁠https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw==⁠⁠⁠⁠⁠⁠
• Breaker:⁠⁠⁠⁠⁠⁠ https://www.breaker.audio/aws-bites⁠⁠⁠⁠⁠⁠
• RSS: ⁠⁠⁠⁠⁠⁠https://anchor.fm/s/6a3312a0/podcast/rss

Harken, good sir! Art thou aware of the arcane art of safeguarding thy AWS instances from malevolent threats whilst keeping them accessible for thy travels? There exists a mighty tool for such purpose, and it is hight the "bastion host." In this pamphlet, we shalt unravel the mysteries of the bastion host and showeth thee how to useth it to safeguard thy web space. We shall commence by presenting a shadowy example architecture and introducing thee to the definition of a bastion host. We shalt then delve into the question of whether bastion hosts could be a security liability and explore the enigmatic concept of port-knocking. We shalt also take thee on a valiant journey of how to provision a bastion host on AWS, and explaineth the cryptic basics of SSH and tunnels. Thou shalt discover the dark side of managing SSH keys and auditing SSH connections, and we shall reveal the secrets of AWS EC2 Instance Connect and AWS Session Manager (SSM) as solutions. Thou shalt learn how to accept connections without exposing a port on the public internet, and we shall introduce thee to a mysterious tool called "basti" that can make it easier to provision SSM-based bastion hosts and connect to thy databases. We shalt wrap up by revealing alternative security measures to the mysterious bastion host and provide thee with cryptic closing notes to summarize the key takeaways from this video. Heed our call to this intriguing guide to securing thy web space, and may the forces of the internet be in thy favor! 🛡️ SPONSORS 🛡️ Harken, good folk! We would like to offer our deepest gratitude to our noble sponsor, fourTheorem (https://fourtheorem.com), an AWS Consulting Partner that doth offer training, cloud migration, and modern application architecture. Thanks to their generosity, we are able to continue on our journey of imparting wisdom and knowledge regarding AWS.

Verily, in this episode, we hath made mention of the following resources:

• ⁠⁠⁠An open-source implementation of the port-knocking technique
• Thee official guide to set up EC2 Instance Connect
• A list of AWS IPs
• Thee official docs on how to set up SSM
• SSM agent code on GitHub
• Thee inlets project on GitHub
• Basti on GitHub
• Tailscale
• Wireguard

Hear ye, hear ye! AWS Bites is at thy disposal wherever thou mayest listen to thy podcasts:

• Apple Podcasts:⁠⁠⁠⁠⁠⁠ https://podcasts.apple.com/us/podcast/aws-bites/id1585489017⁠⁠⁠⁠⁠⁠
• Spotify: ⁠⁠⁠⁠⁠⁠https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q⁠⁠⁠⁠⁠⁠
• Google: ⁠⁠⁠⁠⁠⁠https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw==⁠⁠⁠⁠⁠⁠
• Breaker:⁠⁠⁠⁠⁠⁠ https://www.breaker.audio/aws-bites⁠⁠⁠⁠⁠⁠
• RSS: ⁠⁠⁠⁠⁠⁠https://anchor.fm/s/6a3312a0/podcast/rss

Are you tired of waiting for your Lambda functions to finish before getting a response? Well, now you don't have to! In this episode of the AWS Bites podcast, we will talk about Lambda Response Streaming, a new feature recently added by AWS that lets you stream responses from your Lambda functions in real time. We'll start by explaining what Lambda Response Streaming is and how it differs from buffering. We'll also discuss HTTP Chunking and other benefits of streaming. If you're a Node.js developer, you'll be happy to know that we'll cover how to work with streams in Node.js and how the new Lambda Response Streaming API works with the Node.js runtime. But that's not all! We'll also discuss how to consume Lambda Response Streaming responses and compare that with S3 Object Response. And if you're wondering about pricing and quotas, we'll cover that too. Finally, we'll answer the question on everyone's mind: will we get streaming requests as well? You'll have to watch the video to find out! So if you're interested in learning more about Lambda Response Streaming and how it can improve the performance of your serverless applications, make sure to tune in. We promise it'll be worth your time.

💰 SPONSORS 💰

AWS Bites is sponsored by ⁠⁠⁠⁠⁠fourTheorem⁠⁠⁠⁠⁠, an AWS Consulting Partner offering training, cloud migration, and modern application architecture.

In this episode, we mentioned the following resources:

• ⁠Official announcement blog post for Lambda Response Streaming
• Our previous episode about Lambda function URLs vs API GW vs LB
• HTTP Chunked transfer encoding protocol
• Luciano's free Node.js streams workshop on GitHub
• Node.js design patterns (the book)
• Streamify response functionality in Middy
• Lambda Rust Runtime codebase (support for Response Streaming)
• Similar evidence of Response Streaming feature support in the GoLang Runtime
• Our previous episode about S3 pre-signed URLs
• Lambda Response Streaming pricing
• Eoin's article about S3 Object Response
• Experimental Node.js custom Node.js streaming runtime

You can listen to AWS Bites wherever you get your podcasts:

• Apple Podcasts:⁠⁠⁠⁠⁠ https://podcasts.apple.com/us/podcast/aws-bites/id1585489017⁠⁠⁠⁠⁠
• Spotify: ⁠⁠⁠⁠⁠https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q⁠⁠⁠⁠⁠
• Google: ⁠⁠⁠⁠⁠https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw==⁠⁠⁠⁠⁠
• Breaker:⁠⁠⁠⁠⁠ https://www.breaker.audio/aws-bites⁠⁠⁠⁠⁠
• RSS: ⁠⁠⁠⁠⁠https://anchor.fm/s/6a3312a0/podcast/rss

In this episode, we're doing something different! Join us for a special screen-sharing edition of our podcast series, as we take a deep dive into AWS Copilot, a service designed to simplify container application deployment on AWS. During this video, we'll be sharing our screens as we walk through the AWS Copilot landing page and documentation, and demonstrate how to use the service to deploy a container application. We highly recommend watching the video version of this episode, as we'll be providing a lot of visual guidance and examples. Starting with the basics, we'll learn about the differences between copilot init and copilot app init, and how to prepare our environment using a custom domain. We'll then walk through the deployment process step-by-step, examining the generated configuration file, manifest.yml, and testing our deployed application. Next, we'll explore the networking resources created by AWS Copilot, including a VPC, subnets, and a load balancer, and review the automation capabilities of CodePipeline. We'll also discuss the options available for rolling out new changes, and demonstrate how to make changes and re-deploy through the pipeline. Throughout the video, we will share their thoughts and opinions on AWS Copilot, including a failed attempt with AppRunner and a review of the pipeline execution and timing.

💰 SPONSORS 💰

AWS Bites is sponsored by ⁠⁠⁠⁠fourTheorem⁠⁠⁠⁠, an AWS Consulting Partner offering training, cloud migration, and modern application architecture.

In this episode, we mentioned the following resources:

• AWS Copilot landing page
• AWS Copilot documentation
• AWS App2Container tool
• AWS AppRunner
• Our previous episode "Do you use CodePipeline or GitHub Actions?"
• Gurarpit Singh's blog post "Blue/Green Deployments with AWS CodeDeploy and Terraform"
• Additional guides and resources on AWS Copilot

You can listen to AWS Bites wherever you get your podcasts:

• Apple Podcasts:⁠⁠⁠⁠ https://podcasts.apple.com/us/podcast/aws-bites/id1585489017⁠⁠⁠⁠
• Spotify: ⁠⁠⁠⁠https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q⁠⁠⁠⁠
• Google: ⁠⁠⁠⁠https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw==⁠⁠⁠⁠
• Breaker:⁠⁠⁠⁠ https://www.breaker.audio/aws-bites⁠⁠⁠⁠
• RSS: ⁠⁠⁠⁠https://anchor.fm/s/6a3312a0/podcast/rss