  • Sending CodeBuild project status to SQS

    Building the queue

    Before joining AWS, I was using a few services in the suite, particularly to replace the hardware to host sites elsewhere. My exposure to the AWS Command Line Interface (CLI), or Boto (the AWS SDK for Python) was limited at best. I quickly recognized that while using the console (the AWS Web UI) was helpful to new users to understand the relationship between components, it was slow for operations of scale. It was this realization that led me to the power of the CLI, and eventually, to CloudFormation.

    For someone who prefers the command line (and manipulation of interfaces via the keyboard versus a mouse), this was fantastic! I could manipulate infrastructure through the CLI, minimizing the context switch required when moving hand position from keyboard to mouse and back. This post describes how I solved the inefficiency of using the AWS Console to check the status of my CodeBuild project build with SQS.

  • Using JUnit to help mentor

    Recently, a friend of mine needed help with Java that they were writing for a class project. As a newcomer to software development, they were having trouble understanding the nuances of object-oriented design, and I was happy to help. My first ask was for the code that they had written to date, so that I had an understanding of their current state. I absolutely love reading through the code of others, because it helps me learn new skills and techniques, even if the developer I’m working with is new to the field.

  • Magic of CloudWatch Events and CodeBuild

    Fantastic! You’re writing code, using CodeBuild from a repository in CodeCommit, and pushing the result into S3. The problem is that every single time you want to build, you have to make an AWS CLI call. What do you need to make a call successfully? Credentials! Unfortunately, they expired hours ago when you were cycles deep into writing a very robust blog post. Your 2FA device is upstairs, and you’re so comfortable in your chair that you really don’t want to get up from it. Don’t let anyone tell you that being lazy does not breed innovation!

  • Hosting in S3 with CloudFront

    In the last post, I outlined my process to block public S3 buckets at the service level, ensuring that none of the buckets across my accounts would be exposed unintentionally. Once I was comfortable with the solution, I decided that it would be nice to finally set up a blog hosted in S3. My requirements were the following:

    1. Maintain the security posture of the hosting bucket
    2. Maintain access logs, and be able to report on them
    3. Content to only be delivered via TLS
    4. Ensure management of the certificate lifecycle was straightforward

  • S3 Block Public Access

    In November of 2018, AWS released S3 Block Public Access, as a method to apply an overarching policy to prevent public access to S3 buckets. The policy contains four options, and can be applied individually, or as a set which provides expected flexibility from an AWS feature (and the excess rope to cause trouble).