As mentioned in my previous blog New to AWS GuardDuty? I have been working on open sourcing the tool that I wrote for internal use. Now it is public available on my GitHub: AWS GuardDuty Manager Description AWS GuardDuty Manager (GDM) is a tool that allows you to perform some common GuardDuty tasks (start, stop and … Continue reading AWS GuardDuty Manager
There used to be lots of debates on what is the best container orchestration platform? Is it ECS or Mesos or Nomad or swarm or Kubernetes ? With some moves in the industry recently, I think the answer is obvious now - Kubernetes is the winner! What happened in the past a few weeks? Docker announced 'Adding Kubernetes … Continue reading Kubernetes is the winner
Autosam is a project that I created to automate the Akamai Cloudlets Edge Redirect from end to end, including add new rules, remove duplicated rules if there are any, push to staging, test in staging, push to production, test in production. Now it is available for download from my Github repo. Enjoy Autosam 🙂
VPC flow is a AWS feature that allows you to capture the inbound and outbound traffics of all network interfaces in your VPC. To get the information, you have to go to the Cloudwatch to read the raw logs line by line which is not really efficient. If you happen to use Sumologic, you can … Continue reading Send VPC flow logs to Sumologic
When working on AWS cross accounts S3 access, I found out that - Only s3:CreateBucket, s3:ListAllMyBuckets and s3:GetBucketLocation 3 actions are allowed to set relative-id of Resource to "*". For all other bucket actions, you must specify a bucket name. E.g If I want to allow a user from account B to put objects into … Continue reading AWS cross accounts access S3 buckets
