AWS Security Blog
Category: Advanced (300)
Deploy an automated ChatOps solution for remediating HAQM Macie findings
The amount of data being collected, stored, and processed by HAQM Web Services (AWS) customers is growing at an exponential rate. In order to keep pace with this growth, customers are turning to scalable cloud storage services like HAQM Simple Storage Service (HAQM S3) to build data lakes at the petabyte scale. Customers are looking […]
How to visualize multi-account HAQM Inspector findings with HAQM Elasticsearch Service
September 9, 2021: HAQM Elasticsearch Service has been renamed to HAQM OpenSearch Service. See details. HAQM Inspector helps to improve the security and compliance of your applications that are deployed on HAQM Web Services (AWS). It automatically assesses HAQM Elastic Compute Cloud (HAQM EC2) instances and applications on those instances. From that assessment, it generates […]
Detecting sensitive data in DynamoDB with Macie
HAQM Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in HAQM Web Services (AWS). It gives you the ability to automatically scan for sensitive data and get an inventory of your HAQM Simple Storage Service (HAQM S3) buckets. […]
Use Macie to discover sensitive data as part of automated data pipelines
Data is a crucial part of every business and is used for strategic decision making at all levels of an organization. To extract value from their data more quickly, HAQM Web Services (AWS) customers are building automated data pipelines—from data ingestion to transformation and analytics. As part of this process, my customers often ask how […]
How to protect a self-managed DNS service against DDoS attacks using AWS Global Accelerator and AWS Shield Advanced
In this blog post, I show you how to improve the distributed denial of service (DDoS) resilience of your self-managed Domain Name System (DNS) service by using AWS Global Accelerator and AWS Shield Advanced. You can use those services to incorporate some of the techniques used by HAQM Route 53 to protect against DDoS attacks. […]
Techniques for writing least privilege IAM policies
December 4, 2020: We’ve updated this post to use s3:CreateBucket to simplify the intro example, replaced figure 8 to remove the IfExists reference, and clarified qualifier information in the example. In this post, I’m going to share two techniques I’ve used to write least privilege AWS Identity and Access Management (IAM) policies. If you’re not familiar […]
Centrally manage AWS WAF (API v2) and AWS Managed Rules at scale with Firewall Manager
October 29, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. September 9, 2021: HAQM Elasticsearch Service has been renamed to HAQM OpenSearch Service. See details. […]
Investigate VPC flow with HAQM Detective
Many HAQM Web Services (AWS) customers need enhanced insight into IP network flow. Traditionally, cost, the complexity of collection, and the time required for analysis have led to incomplete investigations of network flows. Having good telemetry is paramount, and VPC Flow Logs are a very important part of a robust centralized logging architecture. The information […]
Round 2 post-quantum TLS is now supported in AWS KMS
January 30, 2024: The API in this blog post has been changed in newer versions of the AWS CRT Client. See this page for more info. January 25, 2023: AWS KMS, ACM, and Secrets Manager TLS endpoints have been updated to only support the KEM selected by NIST in Round 3, Kyber. s2n-tls and s2n-quic have also been updated […]
How to record a video of HAQM AppStream 2.0 streaming sessions
HAQM AppStream 2.0 is a fully managed service that lets you stream applications and desktops to your users. In this post, I’ll show you how to record a video of AppStream 2.0 streaming sessions by using FFmpeg, a popular media framework. There are many use cases for session recording, such as auditing administrative access, troubleshooting […]