Cloud Posse DevOps "Office Hours" (2022-02-16)

02/16/22 • 58 min

Cloud Posse DevOps "Office Hours" Podcast

Cloud Posse holds public "Office Hours" every Wednesday at 11:30am PST to answer questions on all things related to DevOps, Terraform, Kubernetes, CICD. Basically, it's like an interactive "Lunch & Learn" session where we get together for about an hour and talk shop. These are totally free and just an opportunity to ask us (or our community of experts) any questions you may have.
You can register here: https://cloudposse.com/office-hours
Join the conversation:
https://slack.cloudposse.com/
Find out how we can help your company:
https://cloudposse.com/quiz
https://cloudposse.com/accelerate/
Learn more about Cloud Posse:
https://cloudposse.com
https://github.com/cloudposse
https://sweetops.com/
https://newsletter.cloudposse.com
https://podcast.cloudposse.com/
[00:00:00] Intro
[00:01:30] Terraform AWS Provider v4.0.0 released (with breaking changes)
https://github.com/hashicorp/terraform-provider-aws/releases/tag/v4.0.0
[00:05:47] Set up Tracing on GitHub Actions Workflows using Datadog
https://docs.datadoghq.com/continuous_integration/setup_pipelines/github/#compatibility
[00:07:32] HTTP/3: Everything you need to know about the next-generation web protocol
https://portswigger.net/daily-swig/http-3-everything-you-need-to-know-about-the-next-generation-web-protocol
[00:09:23] Include diagrams in your Markdown files with Mermaid (With example)
https://github.blog/2022-02-14-include-diagrams-markdown-files-mermaid/
https://github.com/mermaid-js/mermaid#flowchart-docs---live-editor
[00:17:10] Embed SVGs in GitHub Markdown
https://github.blog/changelog/2022-01-21-allow-to-upload-svg-files-to-markdown/
[00:18:38] Amazon Elastic File System Update – Sub-Millisecond Read Latency
https://aws.amazon.com/blogs/aws/amazon-elastic-file-system-update-sub-millisecond-read-latency/
[00:20:09] 1Password for SSH & Git (Beta)
https://developer.1password.com/docs/ssh/
[00:22:08] Observation: The rise of the specialized cloud
[00:26:30] AWS WAF ruleset for credential stuffing
[00:28:19] Has anyone found a tool that can facilitate mass migration of data from one tier of Glacier to the other?
[00:31:14] What are people doing in the wild with respect to pinning for ACM generated certificates?
[00:35:33] What is the recommended way for EKS pods to CRUD on S3 buckets?
[00:37:27] Is there a way to basically do AWS IPAM, but just in TF?
[00:43:07] Has anyone had to deal with uploading and offloading child accounts. I had like over 50 accounts to create on New Relic and i had to manually add this accounts on the UI
[00:46:37] In your centralized logging system (ELK/Loki), How do you deal with a spike of logs that overwhelms your pipeline?
[00:52:26] Giving the infra deploy pipeline full admin in AWS vs fine-grained permissions that seem more secure but troublesome to manage
[00:57:08] Outro
#officehours,#cloudposse,#sweetops,#devops,#sre,#terraform,#kubernetes,#aws

Support the show (https://cloudposse.com/office-hours/)

Support the show (https://cloudposse.com/office-hours/)

Previous Episode

Cloud Posse DevOps "Office Hours" (2022-02-09)

Cloud Posse holds public "Office Hours" every Wednesday at 11:30am PST to answer questions on all things related to DevOps, Terraform, Kubernetes, CICD. Basically, it's like an interactive "Lunch & Learn" session where we get together for about an hour and talk shop. These are totally free and just an opportunity to ask us (or our community of experts) any questions you may have.

You can register here: https://cloudposse.com/office-hours

Join the conversation:
https://slack.cloudposse.com/

Find out how we can help your company:
https://cloudposse.com/quiz
https://cloudposse.com/accelerate/

Learn more about Cloud Posse:
https://cloudposse.com
https://github.com/cloudposse
https://sweetops.com/
https://newsletter.cloudposse.com
https://podcast.cloudposse.com/

[00:00:00] Intro
[00:01:16] Datadog adds Cloud Cost Management for AWS (private beta)
https://docs.datadoghq.com/infrastructure/cloud_cost_management/
[00:02:08] Argo CD releases patch for zero-day vulnerability
https://www.zdnet.com/article/argo-cd-releases-patch-for-0-day-vulnerability/
[00:03:11] Amazon S3 Batch Replication synchronizes existing data between buckets
https://aws.amazon.com/about-aws/whats-new/2022/02/amazon-s3-batch-replication-synchronizes-existing-data-between-buckets/
[00:07:29] SweetOps Slack Upgraded to Paid Team (Big Thanks to our Spacelift sponsors)
[00:08:17] Replicating existing objects between S3 buckets https://aws.amazon.com/blogs/storage/replicating-existing-objects-between-s3-buckets/
[00:09:35] App runner gets VPC support
https://aws.amazon.com/blogs/aws/new-for-app-runner-vpc-support/
[00:14:00] What pitfalls might I encounter I develop a feature by deploying live resources namespaced by my current git branch?
[00:28:38] Revisit: insights CDNs optimized to minimize http 2 response delays?
[00:29:33] is it possible to set cloudfront to cache an image only after it has responded to the client request?
[00:34:36] Is it possible to set 2 origins (both s3 buckets) as part of a cloudfront behavior?
[00:41:09] Tools to refactor Terraform
[00:50:15] Terraform Mixins
[00:55:00] Outro

#officehours,#cloudposse,#sweetops,#devops,#sre,#terraform,#kubernetes,#aws

Support the show (https://cloudposse.com/office-hours/)

Next Episode

Cloud Posse DevOps "Office Hours" (2022-02-23)

Cloud Posse holds public "Office Hours" every Wednesday at 11:30am PST to answer questions on all things related to DevOps, Terraform, Kubernetes, CICD. Basically, it's like an interactive "Lunch & Learn" session where we get together for about an hour and talk shop. These are totally free and just an opportunity to ask us (or our community of experts) any questions you may have.
You can register here: https://cloudposse.com/office-hours
Join the conversation:
https://slack.cloudposse.com/
Find out how we can help your company:
https://cloudposse.com/quiz
https://cloudposse.com/accelerate/
Learn more about Cloud Posse:
https://cloudposse.com
https://github.com/cloudposse
https://sweetops.com/
https://newsletter.cloudposse.com
https://podcast.cloudposse.com/
[00:00:00] Intro
[00:01:24] Announcing the general availability of AWS Backup for Amazon S3
https://aws.amazon.com/about-aws/whats-new/2022/02/general-availability-aws-backup-amazon-s3/
[00:03:21] AWS Firewall Manager now supports versioning for AWS WAF managed rule group
https://aws.amazon.com/about-aws/whats-new/2022/02/aws-firewall-manager-waf-rule-group/
[00:04:02] AWS Launches Discourse Forum/Community for QuickSight
https://community.amazonquicksight.com/t/troubleshoot-analysis-titles-and-subtitles-failed-to-load-narrative-editor/1776
[00:05:20] Introducing auto-adjusting budgets
https://aws.amazon.com/about-aws/whats-new/2022/02/auto-adjusting-budgets/
[00:06:31] cloudposse/terraform-aws-s3-bucket adds AWS Provider v4 support
https://github.com/cloudposse/terraform-aws-s3-bucket/releases/tag/0.48.0
[00:07:30] GitHub Opens Advisory Database to contributions
https://github.blog/2022-02-22-github-advisory-database-now-open-to-community-contributions/
[00:09:20] Other
[00:10:19] Amazon EKS Release calendar
https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html#kubernetes-release-calendar
[00:11:54] Waxing philosophical: DevOps sometimes feels like building sandcastles
[00:17:49] Why is it a best-practice from a compliance/ops standpoint to put all s3 buckets into their own AWS project?
[00:24:57] Is anyone using AWS SSM Session manager to enable devs to connect to a staging RDS instance, and NOT using ssh keys/connections managed through SSM?
[00:34:23] How do you build the observability model at the app level?
[00:43:47] I’m looking for examples to build a VPC without internet connection without losing connection to ECR, S3 and DynamoDB. Do you have any suggestions?
[00:52:16] Terraform wirenodes https://github.com/jbraswell/terraform-wireguard
[00:55:52] Outro
#officehours,#cloudposse,#sweetops,#devops,#sre,#terraform,#kubernetes,#aws