Kaniko does not need privileged mode, as it doesn't depend on a Docker daemon and executes each command within a Dockerfile completely in userspace.
Category: Network
Automate VPN failover via TGW attachment
Continuing from my previous post, Automate VPN connection and its TGW attachment, in this post I would like to share the solution for VPN failover via TGW attachment. The key components in the solution are: Network Manager for Transit Gateway, EventBridge, and Lambda. The basic idea is: Register TGW to Network Manager, as Network Manager can monitor the tunnel …
Automate VPN connection and its TGW attachment
If you use the CloudFormation resource AWS::EC2::VPNConnection to create the VPN connection and attach it to the Transit Gateway (TGW), you may notice that it does not return the TGW attachment ID. So it is a bit annoying if you would like to tag the attachment and associate the attachment with a non-default TGW route table. …
Diagram as Code Example
I came across a nice Diagram as Code tool; it allows me to draw Cloud system architecture in Python code. To use it, you need to install Graphviz and the diagrams Python module:

brew install graphviz
pip install diagrams

Here is a sample code of using the tool to create the diagram of AWS transit gateway …
Two Examples of using AWS Network Firewall
AWS Network Firewall is a highly available and scalable firewall service that provides network protections for VPC, which is a supplement to the existing security services: Security group protects computing resources (EC2, Lambda, RDS...); NACL (Network Access Control List) protects subnets; WAF (Web Application Firewall) and Shield protect frontend resources (ELB, CloudFront, API Gateway). There are quite a …