How we architect, build, and manage world class AWS infrastructure.
FinDev and the flow of capital through an application is a hot topic these days – Yan Cui and Aleksandar Simovic both have recent discussions on the topic. The pay-by-request model of most serverless services makes it possible...
On Jan 7, 2019 AWS released a major price reduction for Fargate, reducing prices 35-50%. This is great news for a service that had relatively high costs as one of...
Of all the sessions I’ve seen from AWS re:Invent 2018, my favorite is certainly this bewildering drop-kick of NoSQL expertise from AWS Principal Technologist and certified outer space wizard Rick Houlihan. (Seriously, watch that video, then come back to...
IAM is the last line of defense between compromised AWS credentials and your critical infrastructure. Following the principle of least privilege is critical. To make this more difficult, the way a credential is used...
AWS re:Invent 2018 took Las Vegas by storm last week, and the Trek10 team was out in force, keeping up with all the new announcements from AWS and our other partners. (We even got a shoutout in Werner...
Teams are using serverless architectures to dramatically increase the pace at which they can move from idea to deployed application while also reducing their infrastructure and operational costs. Services like AWS Lambda and Amazon API Gateway let you build applications...
In this post I’ll outline a generalized approach to building an event-driven, serverless architecture on AWS when you rely on data from a legacy system. If you are trying to figure out how to build new cutting edge architectures in...
Join Forrest Brazeal, Senior Cloud Architect at Trek10 and AWS Serverless Hero, to learn how to seamlessly build and deploy serverless applications across multiple teams in large organizations. In this tech talk, Forrest will demonstrate best practices for automating IAM...
Serverless is the rare technology that gets business leaders just as excited as engineers. That’s because (surprise!) it’s not really about technology at all. At its heart, the serverless movement is a radical transformation of your business processes and...
This is the third in a series of posts about monitoring your production workloads in AWS. In the first post, we did a high level overview of cloud monitoring and broke it down into six types of metrics...
Access management is a...
This is the second in a series of posts about monitoring your production workloads in AWS. In the first post, we did a high level overview of cloud monitoring and broke it down into six types of metrics you...
ServerlessConf is coming to San Francisco July 29-August 1, and Trek10 will be there with bells on. We’ll be leading some cool workshops, running a sponsor booth, and much more. We hope you’ll join us!
This year we’re...
If you’ve spent any time at all in the cloud, you know the pain of mysterious bills and ever-escalating spend. When you’re paying as you go and scaling on demand, exercising control over your infrastructure...
For companies coming from an on-premise or traditional architecture, the landscape of monitoring for cloud-based distributed architectures can be pretty bewildering. What metrics should you be monitoring? What tools and providers should you use? How can you centralize the data...
Nope, you didn’t read that wrong. This blog post was written, the git commit was made, and then it was all pushed up to our private GitLab on a machine that no longer exists. I threw it out, and tomorrow...
AWS Greengrass lets you run Lambda functions on your favorite edge device, such as a Raspberry Pi, while maintaining seamless integration with your resources in the AWS cloud. If that sounds complex to you, you’re not wrong. The official Greengrass...
Considering Fargate? After you read this, check out our new post on Fargate pricing.
You’ve likely heard the Serverless buzzword. Powerful but loaded. Are there really no servers? You may have heard of Fargate: AWS’s new container management...
Last weekend, we had the pleasure of participating in the Indiana AT&T IoT Civic Hackathon. This year’s theme was based on First Responders, and the combination of 4G LTE and FirstNet formed the backdrop for the hackathon. FirstNet (the...
Trek10 uses the best tools and AWS services to design, build, and support cutting-edge solutions for our clients. With multiple deployments under our belt, our team is one of the foremost experts on building serverless apps and enabling enterprises to...
Update 3/23/2018 The AWS CodePipeline team has updated their documentation to indicate that it is, in fact, possible to use IAM resource-level permissions on approvals. I’ve updated the post below to explain how this works, and the remaining gotchas.
...
We’re big users of Datadog at Trek10, and particularly Datadog’s AWS integration. It’s an incredibly powerful service and an integral part of our 24/7 CloudOps offering. And like any responsible power user, we’re always on the lookout for...
This is an update to a post we did in late 2016… the basics are still relevant but AWS has added a lot of other tools to the toolbox, which we’ve tried to enumerate. Enjoy!
Serverless on AWS represents a...
With all the security breaches that occurred on AWS in 2017, be they caused by poorly managed Amazon S3 permissions to inadequate security group configurations, we have seen that no company or government agency is above making simple mistakes. This...
So you’ve built your first Serverless app (if you haven’t, start here) and are ready to go into production. Given a lot of the rhetoric about Serverless these days (or for our purposes, more clearly… cloud-native apps built with...
Given the many S3 breaches over the past year and some inaccurate information I have seen across various news outlets about the default security of S3, I thought it would be beneficial to demystify some of the complexities of S3...
Dead letter configs are a pretty slick part of the AWS Serverless ecosystem. The basic idea is this: There are some events which trigger Lambda functions synchronously (such as API Gateway) and others which trigger Lambda asynchronously (such as...
My single largest complaint with the entire AWS Serverless ecosystem was that running a multi-region API Gateway was impossible to do. Well, impossible without servers. You could do it if you were willing to run a few nginx reverse proxies...
At Trek10, one of the great things about running our 24/7 CloudOps support service is that we often have to solve problems on AWS for ourselves and then use our learning to implement the same solution for our customers. In...
In order to meet compliance or just general best practices, it is well worth your time to leverage encrypted root volumes on your EC2 instances. This protects your data from someone grabbing the hard disk in the data center or...
Josh von Schaumburg, Customer Solutions Lead and Senior Solutions Architect at Trek10, recently spent some time with the team at LinkedIn Learning recording a new course, Amazon Web Services: Disaster Recovery.
In his role with Trek10, Josh works...
AWS Lambda makes it easy for developers to write and deploy code at almost limitless scale. What has been hard is debugging that code. Live debugging has been a pipe dream, and offline tools work most of the time but...
September 13, 2017 — Trek10, Inc, Indiana’s fastest growing AWS cloud services partner, has announced the selection of Shane M. Fimbel, Ph.D., as its Chief Executive Officer. With a predominantly national client base, Fimbel will lead Trek10’s efforts to further...
Update: Since writing this post, AWS has updated their policy to align with our enhancements and also mitigate a vulnerability. Use the JSON from the AWS docs for your ForceMFA policy. In the updated policy, AWS has also moved...
We founded Trek10 three and a half years ago with a mission to transform our clients’ IT infrastructure by leveraging the very best and latest in cloud technologies. Since then, we’ve been racing at full speed to build a company...
TechPoint, the growth accelerator for Indiana’s tech ecosystem, is recognizing Indiana’s tech builders with the announcement of the third annual Tech 25 Class of 2017.
In 2015, TechPoint launched the Tech 25 Awards, a prestigious selection of twenty-five individuals...
In case you’ve missed it, AWSume is a cross-platform AWS command-line tool that makes working with the AWS CLI under different profiles or roles super easy.
At Trek10, we always try to consider the need for automation and repeatability with everything that we do. That’s why we focus on using tools like CloudFormation, Serverless, and CI, as well as building other tools. Recently, I was tasked...
June 7, 2017 — Trek10, Inc, an AWS Partner Network (APN) Advanced Consulting Partner with the DevOps and IOT Competencies, today announced support for AWS Greengrass. AWS Greengrass is a new service from Amazon Web Services (AWS) that seamlessly extends...
Way back in March of 2011, AWS announced the release of Dedicated Instances, which allows organizations to launch EC2 instances on dedicated infrastructure. Typically, when an EC2 instance is launched in a VPC, the virtualized infrastructure is built from...
One question we often face at Trek10 as we design Serverless AWS architectures is, what is the most cost-effective and efficient AWS platform service for a new system to use for ingesting data? Of course you could always just spin...
DynamoDB just launched Auto Scaling natively. See here.
We have several projects that use DynamoDB heavily. And, while DynamoDB works great, you can hit throttle limits if you are trying to tightly match your provisioned capacity to your actual...
Today we were looking for a quick way to replace scheduled jobs in Jenkins with GitLab CI. Unfortunately GitLab CI does not support scheduled runs.
Being the lambda lovers we are, we figured a quick scheduled lambda function could fix...
In a quickly changing technology landscape of immutable Docker deployments and Lambda-based Serverless architectures, IPsec VPN tunnels are far from sexy… but they certainly are critical.
At Trek10, we use the IPsec VPN functionality of
Its more formal and slightly less catchy name is Cloudwatch Events with a Scheduled Event Source and a Lambda Target… but we think “Lambda Cron” just rolls off the tongue a bit better.
Cloudwatch Events is a service that lets...
As you know, Lambda functions run in a contained environment. But, what you may not know is that this environment is also often reused for subsequent invocations.
To demonstrate this, we created a Node.js Lambda function with the following code...
It’s no secret that we love AWS Lambda for building serverless applications. Development costs can be dramatically reduced. Because you pay per invocation, operating costs (in most cases) will be less than running your application even on inexpensive...
GraphQL, currently one of the biggest squares on the buzzword bingo card, is gaining a lot of steam recently and serverless sits right next to it. Recently, I have had the joy (and sorrow) of working with both...
You may have seen the announcement recently about what we at Trek10 consider to be the biggest update to CloudFormation since CloudFormation itself. AWS CloudFormation Update – YAML, Cross-Stack References, Simplified Substitution.
YAML is more...
Serverless on AWS represents a new way to architect highly performant, highly resilient, and very low-maintenance cloud-native systems. In this occasional series, we’re going to review some interesting design patterns for Serverless systems on AWS. Hopefully this will give you...
There are many compelling reasons to consider a Serverless / Lambda-based architecture for your next project: scalability, fault-tolerance, low maintenance cost, high flexibility. But one of the most often-cited is cost.
A typical AWS serverless stack has several cost...
If you live anywhere near a park, you may have suddenly started to see people standing around like this in the past few weeks.
It isn’t as much of...
When you hear “Serverless” I know what you’re thinking… oh boy, another buzzword! I get it. And it’s a pretty confusing one, on two levels:
Good news Windows users! You can now use this AWSume script on Windows. I assume I am not the only one that uses Windows for AWS work? … Right?!?
The Serverless Framework is fantastic at managing AWS API Gateway, AWS Lambda, and helping wire up all the events and streams. It makes creating and managing complex infrastructures less painful and more straightforward. At Trek10, we have seen the...
WE HAVE OPEN SOURCED AN IMPLEMENTATION: CHECK IT OUT
So you’re building your serverless app on AWS for unlimited scalability and true pay-per-use. Your web server is Amazon API Gateway - unlimited scale with zero scaling effort....
We have several clients at Trek10 using the Amazon ECR (EC2 Container Registry) as their Docker registry for storing and shipping images to ECS and other systems.
Some of our clients have run into the 500 image limit on ECR...
Update: Good news Windows users! You can now use this AWSume script on Windows too.
Here at Trek10, we work with many clients, and thus work with multiple AWS accounts on a regular (daily) basis. We needed a...
As a follow up to our post HTTPS Everywhere, today we’ll discuss some history behind the SSL certificate and why they seem to cost so much money. We will also dive into the current landscape of SSL certificates...
AWS Lambda now allows scheduling a one minute intervals. See here.
Currently, CloudWatch Event rules can be scheduled at minimum intervals of 5 minutes. At Trek10, we saw the need for a smaller interval, namely 1 minute. This need...
Often with new technology some of the primary benefits are realized when you reevaluate how you approach a problem. AWS Lambda and event driven computing is no exception.
I’m going to walk you through one of the more exciting types...
Like any good engineering-driven culture, at Trek10 we constantly evaluate new technologies, tinkering with them to figure out how they might fit into our workflows and processes. Want to know what the coolest new framework we have been playing with...
In our Part 1 post, we provided an overview of one of AWS’s most powerful and flexible security features -- roles. It can take some time and experience to fully wrap one’s mind around the varying capabilities...
New technology appears and old job functions become obsolete. The practitioners move on to retrain on higher-value tasks and in the end the whole system is more productive. It happened when cars replaced blacksmiths, when the computer replaced armies...
Customers often ask us, “What is the best way we can improve our overall security?” At Trek10, we have developed a security audit framework for reviewing customer environments and providing our expertise on where an AWS account may deviate...
AWS’s recent outage to DynamoDB and related services in the US East region is a good reminder of some fundamentals of designing for availability on AWS.
AWS’s recent outage to DynamoDB and related services in the US East region...
October 21, 2015 — Trek10, a cloud enablement company that specializes in Amazon Web Services (AWS), today announced a partnership with Docker, the company behind the Docker open source platform and chief sponsor of the Docker ecosystem. Trek10...
Admission to the Advanced Tier of AWS Partners and a new Partnership with Docker highlight Trek10’s ascendance in the cloud.
Docker provides a consistent and repeatable way to manage your application life-cycle, and ECS is AWS’s platform for running Docker containers at scale. You cannot deny that Docker+ECS is a compelling solution to many of the promises of DevOps...
