Fargate Pricing in Context
Updated for the Jan 2019 Fargate price reduction
On Jan 7, 2019 AWS released a major price reduction for Fargate, reducing prices 35-50%. This is great news for a service that had relatively high costs as one of...
From relational DB to single DynamoDB table: a step-by-step exploration
Of all the sessions I’ve seen from AWS re:Invent 2018, my favorite is certainly this bewildering drop-kick of NoSQL expertise from AWS Principal Technologist and certified outer space wizard Rick Houlihan. (Seriously, watch that video, then come back to...
Removing Excess IAM Access with AWS Config
Finding and Closing Access Loopholes
IAM is the last line of defense between compromised AWS credentials and your critical infrastructure. Following the principle of least privilege is critical. To make this more difficult, the way a credential is used...
Real-world use cases for our favorite re:Invent 2018 announcements
AWS re:Invent 2018 took Las Vegas by storm last week, and the Trek10 team was out in force, keeping up with all the new announcements from AWS and our other partners. (We even got a shoutout in Werner...
DevOps for Serverless Applications
Teams are using serverless architectures to dramatically increase the pace at which they can move from idea to deployed application while also reducing their infrastructure and operational costs. Services like AWS Lambda and Amazon API Gateway let you build applications...
Making Legacy Databases Into Event Sources for Serverless
In this post I’ll outline a generalized approach to building an event-driven, serverless architecture on AWS when you rely on data from a legacy system. If you are trying to figure out how to build new cutting edge architectures in...
Serverless Workflows for the Enterprise
Join Forrest Brazeal, Senior Cloud Architect at Trek10 and AWS Serverless Hero, to learn how to seamlessly build and deploy serverless applications across multiple teams in large organizations. In this tech talk, Forrest will demonstrate best practices for automating IAM...
The Business Case For Serverless
Serverless is the rare technology that gets business leaders just as excited as engineers. That’s because (surprise!) it’s not really about technology at all. At its heart, the serverless movement is a radical transformation of your business processes and...
Custom Metrics Deep Dive
This is the third in a series of posts about monitoring your production workloads in AWS. In the first post, we did a high level overview of cloud monitoring and broke it down into six types of metrics...
S3 Permissions
Access management is a...
CloudWatch Deep Dive
This is the second in a series of posts about monitoring your production workloads in AWS. In the first post, we did a high level overview of cloud monitoring and broke it down into six types of metrics you...
Think FaaS Live at ServerlessConf San Francisco
ServerlessConf is coming to San Francisco July 29-August 1, and Trek10 will be there with bells on. We’ll be leading some cool workshops, running a sponsor booth, and much more. We hope you’ll join us!
This year we’re...
Detecting AWS Cost Anomalies
Cloud Spend: Everybody’s Problem
If you’ve spent any time at all in the cloud, you know the pain of mysterious bills and ever-escalating spend. When you’re paying as you go and scaling on demand, exercising control over your infrastructure...
All The Metrics - A Cloud Monitoring Blueprint
For companies coming from an on-premise or traditional architecture, the landscape of monitoring for cloud-based distributed architectures can be pretty bewildering. What metrics should you be monitoring? What tools and providers should you use? How can you centralize the data...
I Buy a New Work Machine Every Day
Nope, you didn’t read that wrong. This blog post was written, the git commit was made, and then it was all pushed up to our private GitLab on a machine that no longer exists. I threw it out, and tomorrow...
Manage Your AWS Greengrass Lambda Functions with SAM
AWS Greengrass lets you run Lambda functions on your favorite edge device, such as a Raspberry Pi, while maintaining seamless integration with your resources in the AWS cloud. If that sounds complex to you, you’re not wrong. The official Greengrass...
Is AWS Fargate "Serverless"?
Considering Fargate? After you read this, check out our new post on Fargate pricing.
You’ve likely heard the Serverless buzzword. Powerful but loaded. Are there really no servers? You may have heard of Fargate: AWS’s new container management...
Trek10 & Friends Take 3 Prizes at IoT Hackathon
Last weekend, we had the pleasure of participating in the Indiana AT&T IoT Civic Hackathon. This year’s theme was based on First Responders, and the combination of 4G LTE and FirstNet formed the backdrop for the hackathon. FirstNet (the...
Trek 10 - AWS Partner Network Video
Trek10 uses the best tools and AWS services to design, build, and support cutting-edge solutions for our clients. With multiple deployments under our belt, our team is one of the foremost experts on building serverless apps and enabling enterprises to...
Enforcing the 'Two-Person Rule' with AWS CodePipeline (UPDATED)
Update 3/23/2018 The AWS CodePipeline team has updated their documentation to indicate that it is, in fact, possible to use IAM resource-level permissions on approvals. I’ve updated the post below to explain how this works, and the remaining gotchas.
...
Datadog Event Mapping
We’re big users of Datadog at Trek10, and particularly Datadog’s AWS integration. It’s an incredibly powerful service and an integral part of our 24/7 CloudOps offering. And like any responsible power user, we’re always on the lookout for...
Serverless Architectures: IoT
This is an update to a post we did in late 2016… the basics are still relevant but AWS has added a lot of other tools to the toolbox, which we’ve tried to enumerate. Enjoy!
Serverless on AWS represents a...
3 Big Security Concerns and 1 Solution
With all the security breaches that occurred on AWS in 2017, be they caused by poorly managed Amazon S3 permissions to inadequate security group configurations, we have seen that no company or government agency is above making simple mistakes. This...
Operationalizing Serverless: Five Key Considerations
So you’ve built your first Serverless app (if you haven’t, start here) and are ready to go into production. Given a lot of the rhetoric about Serverless these days (or for our purposes, more clearly… cloud-native apps built with...
AWS S3 Permissions to Secure your S3 Buckets and Objects
Given the many S3 breaches over the past year and some inaccurate information I have seen across various news outlets about the default security of S3, I thought it would be beneficial to demystify some of the complexities of S3...
2 Minute Tip: Dead Letter Configs in Serverless
Dead letter configs are a pretty slick part of the AWS Serverless ecosystem. The basic idea is this: There are some events which trigger Lambda functions synchronously (such as API Gateway) and others which trigger Lambda asynchronously (such as...
Regional Endpoints for API Gateway and Active Active Serverless
My single largest complaint with the entire AWS Serverless ecosystem was that running a multi-region API Gateway was impossible to do. Well, impossible without servers. You could do it if you were willing to run a few nginx reverse proxies...
Our Approach to IAM Escalation
At Trek10, one of the great things about running our 24/7 CloudOps support service is that we often have to solve problems on AWS for ourselves and then use our learning to implement the same solution for our customers. In...
2 Minute Tip: Easily Encrypt AWS AMI Root EBS Volumes
In order to meet compliance or just general best practices, it is well worth your time to leverage encrypted root volumes on your EC2 instances. This protects your data from someone grabbing the hard disk in the data center or...
Amazon Web Services: Disaster Recovery
Josh von Schaumburg, Customer Solutions Lead and Senior Solutions Architect at Trek10, recently spent some time with the team at LinkedIn Learning recording a new course, Amazon Web Services: Disaster Recovery.
In his role with Trek10, Josh works...
Introducing Live Debugging in AWS Lambda
AWS Lambda makes it easy for developers to write and deploy code at almost limitless scale. What has been hard is debugging that code. Live debugging has been a pipe dream, and offline tools work most of the time but...
Trek10 Selects Regional Executive as CEO
September 13, 2017 — Trek10, Inc, Indiana’s fastest growing AWS cloud services partner, has announced the selection of Shane M. Fimbel, Ph.D., as its Chief Executive Officer. With a predominantly national client base, Fimbel will lead Trek10’s efforts to further...
Improving the Improved AWS Force MFA Policy for IAM Users
Update: Since writing this post, AWS has updated their policy to align with our enhancements and also mitigate a vulnerability. Use the JSON from the AWS docs for your ForceMFA policy. In the updated policy, AWS has also moved...
A Big Step Forward for Trek10
We founded Trek10 three and a half years ago with a mission to transform our clients’ IT infrastructure by leveraging the very best and latest in cloud technologies. Since then, we’ve been racing at full speed to build a company...
Josh von Schaumburg selected as a member of TechPoint's Tech 25 Class of 2017
TechPoint, the growth accelerator for Indiana’s tech ecosystem, is recognizing Indiana’s tech builders with the announcement of the third annual Tech 25 Class of 2017.
In 2015, TechPoint launched the Tech 25 Awards, a prestigious selection of twenty-five individuals...
AWSume - Now in Python!
In case you’ve missed it, AWSume is a cross-platform AWS command-line tool that makes working with the AWS CLI under different profiles or roles super easy.
Making CI easier with GitLab
At Trek10, we always try to consider the need for automation and repeatability with everything that we do. That’s why we focus on using tools like CloudFormation, Serverless, and CI, as well as building other tools. Recently, I was tasked...
Trek10 Announces Support for AWS Greengrass
June 7, 2017 — Trek10, Inc, an AWS Partner Network (APN) Advanced Consulting Partner with the DevOps and IOT Competencies, today announced support for AWS Greengrass. AWS Greengrass is a new service from Amazon Web Services (AWS) that seamlessly extends...
What is the Difference Between Dedicated Hosts and Dedicated Instances on AWS?
Way back in March of 2011, AWS announced the release of Dedicated Instances, which allows organizations to launch EC2 instances on dedicated infrastructure. Typically, when an EC2 instance is launched in a VPC, the virtualized infrastructure is built from...
AWS Data Ingestion Cost Comparison: Kinesis, AWS IOT, & S3
One question we often face at Trek10 as we design Serverless AWS architectures is, what is the most cost-effective and efficient AWS platform service for a new system to use for ingesting data? Of course you could always just spin...
DynamoDB Auto Scaling - Open Sourced
DynamoDB just launched Auto Scaling natively. See here.
We have several projects that use DynamoDB heavily. And, while DynamoDB works great, you can hit throttle limits if you are trying to tightly match your provisioned capacity to your actual...
2 Minute Tip: Schedule Calling Webhooks with Cron Like Syntax in AWS Lambda
Today we were looking for a quick way to replace scheduled jobs in Jenkins with GitLab CI. Unfortunately GitLab CI does not support scheduled runs.
Being the lambda lovers we are, we figured a quick scheduled lambda function could fix...
Using Lambda and Datadog to Monitor VNS3 IPsec Tunnels
In a quickly changing technology landscape of immutable Docker deployments and Lambda-based Serverless architectures, IPsec VPN tunnels are far from sexy… but they certainly are critical.
At Trek10, we use the IPsec VPN functionality of
How Reliable is Lambda Cron?
Its more formal and slightly less catchy name is Cloudwatch Events with a Scheduled Event Source and a Lambda Target… but we think “Lambda Cron” just rolls off the tongue a bit better.
Cloudwatch Events is a service that lets...
Stateless Doesn't Mean No State!
As you know, Lambda functions run in a contained environment. But, what you may not know is that this environment is also often reused for subsequent invocations.
To demonstrate this, we created a Node.js Lambda function with the following code...
Lambda Error Hound: Chase Down Serverless Log Messages
It’s no secret that we love AWS Lambda for building serverless applications. Development costs can be dramatically reduced. Because you pay per invocation, operating costs (in most cases) will be less than running your application even on inexpensive...
A Look at Serverless GraphQL
GraphQL, currently one of the biggest squares on the buzzword bingo card, is gaining a lot of steam recently and serverless sits right next to it. Recently, I have had the joy (and sorrow) of working with both...
CloudFormation YAML is here, and it's awesome
You may have seen the announcement recently about what we at Trek10 consider to be the biggest update to CloudFormation since CloudFormation itself. AWS CloudFormation Update – YAML, Cross-Stack References, Simplified Substitution.
YAML is more...
Serverless Architectures: S3 Data Loading
Serverless on AWS represents a new way to architect highly performant, highly resilient, and very low-maintenance cloud-native systems. In this occasional series, we’re going to review some interesting design patterns for Serverless systems on AWS. Hopefully this will give you...
AWS Lambda Pricing in Context - A Comparison to EC2
There are many compelling reasons to consider a Serverless / Lambda-based architecture for your next project: scalability, fault-tolerance, low maintenance cost, high flexibility. But one of the most often-cited is cost.
A typical AWS serverless stack has several cost...
Building the Architecture for Pokémon Go in AWS
If you live anywhere near a park, you may have suddenly started to see people standing around like this in the past few weeks.
It isn’t as much of...
What is Serverless and Why Does it Matter?
When you hear “Serverless” I know what you’re thinking… oh boy, another buzzword! I get it. And it’s a pretty confusing one, on two levels:
- There are still servers! We’re just talking about a new abstraction above the servers,...
AWSume for Windows
Good news Windows users! You can now use this AWSume script on Windows. I assume I am not the only one that uses Windows for AWS work? … Right?!?
Serverless Secrets
The Serverless Framework is fantastic at managing AWS API Gateway, AWS Lambda, and helping wire up all the events and streams. It makes creating and managing complex infrastructures less painful and more straightforward. At Trek10, we have seen the...
DynamoDB Auto Scaling - The Serverless Way
WE HAVE OPEN SOURCED AN IMPLEMENTATION: CHECK IT OUT
So you’re building your serverless app on AWS for unlimited scalability and true pay-per-use. Your web server is Amazon API Gateway - unlimited scale with zero scaling effort....
Cleaning up old Docker images from ECR, the easy way
We have several clients at Trek10 using the Amazon ECR (EC2 Container Registry) as their Docker registry for storing and shipping images to ECS and other systems.
Some of our clients have run into the 500 image limit on ECR...
AWSume: AWS Assume Made Awesome
Update: Good news Windows users! You can now use this AWSume script on Windows too.
Here at Trek10, we work with many clients, and thus work with multiple AWS accounts on a regular (daily) basis. We needed a...
SSL Certificates... For Free!
As a follow up to our post HTTPS Everywhere, today we’ll discuss some history behind the SSL certificate and why they seem to cost so much money. We will also dive into the current landscape of SSL certificates...
Introducing LambdaClock
AWS Lambda now allows scheduling a one minute intervals. See here.
Currently, CloudWatch Event rules can be scheduled at minimum intervals of 5 minutes. At Trek10, we saw the need for a smaller interval, namely 1 minute. This need...
Lambda Fanout, What is it Good For?
Often with new technology some of the primary benefits are realized when you reevaluate how you approach a problem. AWS Lambda and event driven computing is no exception.
I’m going to walk you through one of the more exciting types...
Serverless Framework for Processes, Projects, and Scale
Like any good engineering-driven culture, at Trek10 we constantly evaluate new technologies, tinkering with them to figure out how they might fit into our workflows and processes. Want to know what the coolest new framework we have been playing with...
Using Roles to Secure Your Environment: Part 2
In our Part 1 post, we provided an overview of one of AWS’s most powerful and flexible security features -- roles. It can take some time and experience to fully wrap one’s mind around the varying capabilities...
Ops in a Serverless World
New technology appears and old job functions become obsolete. The practitioners move on to retrain on higher-value tasks and in the end the whole system is more productive. It happened when cars replaced blacksmiths, when the computer replaced armies...
Using Roles to Secure Your Environment: Part 1
Customers often ask us, “What is the best way we can improve our overall security?” At Trek10, we have developed a security audit framework for reviewing customer environments and providing our expertise on where an AWS account may deviate...
Running in One AWS Region is a Design Choice!
AWS’s recent outage to DynamoDB and related services in the US East region is a good reminder of some fundamentals of designing for availability on AWS.
AWS’s recent outage to DynamoDB and related services in the US East region...
Trek10 Achieves Docker Certification
October 21, 2015 — Trek10, a cloud enablement company that specializes in Amazon Web Services (AWS), today announced a partnership with Docker, the company behind the Docker open source platform and chief sponsor of the Docker ecosystem. Trek10...
Trek10 now AWS Advanced Consulting Partner and Docker Authorized Consulting Partner
Admission to the Advanced Tier of AWS Partners and a new Partnership with Docker highlight Trek10’s ascendance in the cloud.
Webinar Recording: Managing Docker Containers with Amazon EC2 Container Service
Docker provides a consistent and repeatable way to manage your application life-cycle, and ECS is AWS’s platform for running Docker containers at scale. You cannot deny that Docker+ECS is a compelling solution to many of the promises of DevOps...
Static Websites for a Better Tomorrow
The bytes that make up the page you are reading right now were delivered by a set of servers close to you. They were not generated by a server running WordPress or Joomla. In fact, the entire Trek10 website has...
Strong Passwords and LastPass: Part 2
In our last post, we reviewed why strong passwords and using LastPass is a good idea, especially for MSPs, like Trek10, who need to be sure that customer data are stored securely using best practices.
Strong Passwords and LastPass: Part 1
Given this summer’s security breach on LastPass, we thought it would be a good idea to discuss password protection and general password storage best practices. AWS and cloud architecture have driven the success of numerous valuable services, which often require...
