Recent Posts

Tooling around with CloudFormation helpers

Pretty much everybody can agree that working with CloudFormation is a bit, shall we say, cumbersome. Dare I attempt to recite its shortcomings? No, I dare not. Okay, maybe just a few...

Blue moon update

Full time consulting life working at home turns out be, well, quite a lot of work! But finally I'll make time for a few thoughts and updates.

Serverless: what's in a name?

The *serverless* moniker is rubbing a lot of people the wrong way. A cursory search for #serverless captures the prevailing sentiment:

Encrypting EC2 ephemeral volumes with LUKS and AWS KMS

A project I worked on recently has a business requirement to encrypt data at rest. We had a mid-sized Cassandra cluster on EC2 that, for various reasons, stored data on ephemeral volumes. The system had previously relied on Gazzang (now owned by Cloudera) for on-disk encryption, but according to the operations team it was unwieldy to manage and an "operational bottleneck." I can't attest to that as I wasn't involved in the implementation. I was asked to replace it.

Extending boto3

Using the event system to add an attribute to boto3 SecurityGroup objects, making it easier to interact with rules.