[Be a Better Dev Newsletter] #005 - Day 1 Checklist for your AWS account + June Video Recap
Hey there! I've had a bunch of newsletter subscribers - many that are new to AWS and getting a handle on navigating the cloud. I figured it's a good time to share my Day 1 checklist for new AWS accounts. After all...
Tip # 1 - Ditch the Root AccountThe infamous root account is the most dangerous account a hacker can get their hands on. It's the default user you get access to when you initially create your AWS account and log in using your email address. Any person in possession of this account can revoke the credentials of all other sub-accounts, change user passwords, modifying billing information, and accessing ANY data stored in your AWS account. Needless to say, you need to lock this bad boy down. For day to day operations, you should create a separate user account that has more isolated permissions. This user can still administrate the account like normal and do things like create/modify infrastructure, but it can't mess with account settings or do anything malicious. Much better! Tip # 2 - Enable Multi Factor Authentication (MFA)Once you create your new user account, it's time to set up MFA for both your original root account and your new user account. MFA requires you to use a secondary device to authenticate yourself upon AWS account login. Although it can be seen as tedious, MFA is a great way to provide additional security to your account and ensure even a user with access to your password can't login. If you don't have access to a MFA device, don't worry — you can use your cell phone and the Google Authenticator app. Simply download the app from the Play / App store, and follow along with my video here to set it up! Tip # 3 - Set up Automated Billing AlertsNobody likes a surprise bill, especially concerning AWS accounts. Automated billing alerts help you get early warnings if your $ spend breaches a certain limit. This is great if you accidentally configure a setting with some unexpected costs, or you simply wish you keep a closer eye on your usage and get notified when breaching certain thresholds. Either way, billing alerts are easy to set up and require less than 5 minutes of set up time. I like to configure mine with really low $ spend thresholds (like a dollar or so) since I don't typically use most of my accounts for any large workloads. This is very helpful to avoid surprises. For a video tutorial on setting up billing alerts, check out my video here. Videos RecapAnd here are the videos from the month of June (so far). Video 1 - Big Data Processing Using Distributed Maps and AWS Step FunctionsStep functions are one of my new favourites in AWS land. Powerful and versatile, this service allows you to create complex workflows that integrate almost any other AWS service. In this video, I walk you through how to use the Distributed Map feature to process records of a CSV file in S3 in parallel. I JUST used this feature as part of a work project and I can't tell you how smooth it went. Learn about how it works, the setup, and some of the features that are at your disposal. Video 2 - Top 5 Cost Optimization Tips Every AWS User Should KnowCost is a concern that is top of mind lately. And for good reason - we're pretty much in a recession and everyone is looking to find optimizations. In this video, I walk you through five of my most impactful cost optimization tips that can save you tens of thousands. If you don't learn at least one thing from this video I'd be surprised. Video 3 - *New Feature* - Stream Your Cloudwatch Logs LIVE with Cloudwatch Live TailAWS recently announced Cloudwatch Live Tail. A new feature used to tail your logs as they get ingested into Cloudwatch. Linux users may recognize this feature as a replacement for tail -f . This feature is fantastic and allows you to add filters, narrow down log streams, and export your data if need be. Handy dandy! Although not exactly live (more on that in the video), this feature reduces the mouse clicks you need to make to view your logs. Every second counts! One last thing...I have a small favour to ask. I'm trying hard to get more visibility into my newsletter and spread the word with the AWS community. If you find this content (or my videos) helpful and think others may benefit, would you mind sharing my newsletter with a couple of your colleagues? It would mean the world to me! You can share this link on slack or forward it in an email to anyone that may be interested. https://mailinglist.beabetterdev.com/ Thank you, and until next time. Daniel ( Be a Better Dev ) |
|
Be a Better Dev May 4th, 2024 Hey there! I've got an awesome offer for you this Star Wars Day. I've partnered with the best AWS content creators to give you 30% off on a fantastic range of AWS books and courses! From left to right: Yan Cui, Philip Riecks, Sandro Volpicella, Alex DeBrie, Me, and Tobias Schmidt Enter the code BIGBUNDLE at checkout to get your discount. But hurry, this offer ends in 3 days. Check out these deals: 30% OFF on AWS Learning Accelerator: Perfect for beginner to...
Be a Better Dev February 18, 2024 In a recent video, I expressed my frustration with AWS's definition of "Serverless". The video seems to have resonated with the community, particularly folks' frustration with how AWS is throwing the term Serverless around all willy nilly. The recent announcements of "Serverless OpenSearch" and "Serverless Aurora" come to mind as not-so-serverless serverless offerrings. What are your thoughts? Separately, my recent course - AWS Step Functions Masterclass -...
Be a Better Dev October 21st, 2023 AWS is stepping up their security game by making Multi Factor Authentication (MFA) mandatory for users signing in to root accounts. The new feature is expected to be rolled out by mid 2024 with affected users being notified via e-mail channels. This is a welcome change that probably should have been implemented since day 1. As I've mentioned in previous newsletters and YouTube videos, the amount of users that suffer from inexplicable "hacks" to their AWS...