When KMS key grant is created for Lambda execution role?


I was working on a new Lambda function a couple days ago. It took me a while to deploy it successfully via CloudFormation. It was all due to some required IAM policies were missed in the deployment role. So I had to delete the stack then create again for a couple of times. When I … Continue reading When KMS key grant is created for Lambda execution role?

Improved VPC networking for AWS Lambda functions


AWS just recently announced the improved VPC networking for AWS Lambda functions. Simply speaking the improvement is made by that Lambda functions now uses AWS HyperPlane to connect to customers' VPC instead of the individual ENI. AWS HyperPlane is a distributed Network Function Virtualization platform that works at the VPC flow level, it tracks the … Continue reading Improved VPC networking for AWS Lambda functions

Things you need to know about AWS VPC based Lambda


There are two types of AWS Lambda networking settings: No VPC and VPC-based. The major difference is that VPC-based Lambda allows you to access the resources in your VPC, e.g your EC2 resources sitting in the private subnets. No VPC lambda only can access Internet by default. Before you choose to use VPC-based lambda, there … Continue reading Things you need to know about AWS VPC based Lambda

Run Elasticsearch Cluster on Spot Instances


Running Elasticsearch cluster is not cheap, as it generally requires a couple of high spec servers to provides both performances and reliabilities. Below is a typical 3 nodes Elasticsearch cluster that is running on AWS: 3 nodes, one in each availability zone. each node is both master and data node, and it is formed by ec2 … Continue reading Run Elasticsearch Cluster on Spot Instances