All blog posts in the aws category
31 posts found
Showing 31 of 31 posts
Introduction In Deploying TanStack Start on AWS with Lambda Function URLs, I describe how to deploy TanStack Start serverless on AWS. This post shows how to add TanStack AI with AWS Bedrock to that...
Overview How you secure cloud configuration often starts with cdk-nag, but many teams also use third-party tools after deployments. Using the “server access logs not configured” example, this post...
Introduction As described in Simple example of TanStack DB with DynamoDB on AWS with multiple entities, we set up a multi-entity data model using ElectroDB and TanStack DB collections. In this post,...
Introduction In some cases, the CDK bootstrap resources need changes beyond what's possible with the standard bootstrap parameters. While the CDK provides customization options, certain...
Introduction In Simple example of TanStack DB with DynamoDB on AWS, I describe how to use TanStack DB with a single entity in combination with DynamoDB. This post contains a simple example with...
Introduction In Deploying TanStack Start on AWS with Lambda Function URLs, I describe how to deploy TanStack Start serverless on AWS. This post contains a simple example of using TanStack DB...
Introduction CloudWatch Metrics Insights query alarms (aka “multi-metric alarms”) let one alarm evaluate many _individual_ resources. You write a Metrics Insights SQL query (with GROUP BY), and...
Overview This post builds on the previous example on using cdk-notifier to compare changes in pull requests. It demonstrates how to extend the workflow by adding CloudFormation change set validation...
Introduction This guide demonstrates how to deploy a TanStack Start application on AWS using a serverless architecture. TanStack Start is a full-stack React framework that provides server-side...
Introduction If you need to ensure that all AWS Lambda environment variables are encrypted with a customer-managed KMS key for compliance or security requirements, you can achieve this using AWS CDK...
Overview cdk-nag’s AwsSolutions-IAM5 rule is one of the most frequent findings in real-world stacks. It flags wildcard permissions in both Action (e.g., kms:GenerateDataKey) and Resource (e.g., `)...
Overview When using AWS CDK, Aspects allow us to apply a RemovalPolicy.DESTROY to all resources within an ephemeral stack. This works well for many resources but isn't sufficient for S3 buckets that...
Overview When using AWS CDK with custom resources, CDK creates a singleton Lambda function that handles all custom resource operations. This Lambda function can trigger several cdk-nag findings,...
Update 2025-06-18: Provisioning with CloudFormation Recently, AWS added native CloudFormation support for provisioning Application Signals Transaction Search. You can find the official documentation...
Update 2025-06-18: Provisioning with CloudFormation It can now also be configured using CloudFormation....
Use case API Gateways can be secured with IAM authentication. This means that the client must sign the request with the AWS Signature Version 4. This post describes how to call an IAM authenticated...
Use case You have a private EC2 instance in your AWS account and you want to edit files outside of the terminal or just with the help of vs code and vs code extensions on this instance without using...
Use case You want to run prowler scans for different AWS accounts, which AWS SSO manages. Approach To scan multiple AWS accounts with prowler is described here:...
Use case As described here Use cdk-notifier to compare changes in pull requests, the cdk-notifier displays the diff between the feature branch and the main branch. In case of using tags in the CDK...
Use case Especially in serverless environments, features will be created with ephemeral stacks, which will be deleted after merging to the main branch. Comparing the cdk diff between the feature...
Use case You are in charge of several AWS accounts within an AWS Organisation and need to check the resources across these accounts. E.g., to check which are the configured runtimes for the lambdas....
The AWS CDK Serverless Toolsuite from Thorsten Hoeger helps, among others, to deploy an API Gateway from OpenApi specs and a DynamoDb from DynamoDb onetable data modeling. The advantage is to...
In this post is described how to get the data to analyze the changes in the dynamodb data. This post describes how to (semi) automate the export of the dynamodb table data and analyze it with Athena....
This post is about how to visualize the DynamoDb data changes with Quicksight. It's an extension of this post, which describes how to analyze the data with Athena. The setting for creating the...
In this post is a example of a Athena query to get the the current data of the DynamoDb table. This post explains how to provide this query with CDK as a saved query in Athena to have the query...
This is the same like described here, but instead of terraform it's build with CDK. To bootstrap the project run this command: cdk init app --language typescript Further information are here All...
Why? The data of a DynamoDb table is not so easy to analyze as a RDS with e.g., the pgAdmin. It will be somehow possible with scan operation but it's in the most cases not recommented. Another...
Why Terraform? In this post I described how to display AWS Billing metrics in Grafana Cloud. Therefore it was necessary to create manually the data source and the dashboard. With Terraform, you can...
In my web app, I use the authentification UI Compontents of Amplify. Without any configuration, this UI component comes with a signup link so that any person who knows the URL can signup for...
Why Grafana for AWS billing metrics? Grafana is well known for observability dashboards, which can be composed of many data sources. With AWS CloudWatch metrics, it is possible to do more or less...
Blog Post
As part of #BlackLivesMatter there was a discussion to rename git branch master to main. How to do that in git and GitHub and some more about the background is described here:...