Using Multiple Accounts with AWS Powershell Tools

At my company we chose to separate our AWS resources into two accounts, one for production data and one for redacted data. This makes sense from a security standpoint, but it also makes it a little trickier for users who want to use a package like the AWS Powershell tools. Constantly copying your secret keys is a big waste of time, and I found it a little confusing how to save different sets of access keys into powershell.

This had been frustrating me for a while, so I finally took an hour to read the documentation and examples more carefully to understand how to setup multiple AWS accounts in the Powershell tools. I found this a little confusing so I figured I would write up an example for others.

Using git bash on windows with AWS CodeCommit

I've started using AWS CodeCommit for some projects and so far I'm a fan. It's a very simple web interface on top of git, so it doesn't have any code review or issue tracking features, but if what you're looking for is a private git repository for very cheap, CodeCommit might be right for you.

The only configuration you need for CodeCommit is the name of the repository. Once you've created that, AWS will present you with the URL to clone your repo.

Chef Cookbooks in CodeBuild

AWS usually releases a large number of new services at re:Invent, and this year was no exception.

The announcement I was most excited about was AWS CodeBuild, which is exactly what it sounds like: a service designed to take servers out of your build process.

One of the problems we looked tackling first is "building" chef recipes. If you're a chef user, you know that recipes don't need to be build so much as critiqued using foodcritic and packaged or deployed.

Lambda Logging to Cloudwatch

If you're an AWS user, either professionally or personally, I can't encourage you enough to try it out. Lambda is the ability to run code in a few different languages (currently Python, Node, and Java) without worrying about the server environment it runs on.

Describing AWS Instances

Amazon uses the idea of "describing" resources using filters quite a bit.

A filter in python terms is a list of maps, and each value in the map's key-value pairs can be a list. The documentation is a little light on details, intentionally I believe, because the format is extremely flexible. A few examples of using this in Python and Powershell are below

Example Cloudformation template for Opsworks Stack

I recently spent some time struggling through the AWS documentation to create an Opsworks Stack using Cloudformation. The AWS documentation is comprehensive for the resources available, but a little lacking on examples for how to link them together.

I thought I'd share a sanitized example of what I found, so it's below.

AWS Cloudformation Template Parameters

An AWS Cloudformation template represents a stack (grouping) of resources. Most companies will want to deploy these stacks into multiple environments ("Development", "Staging", "Production", etc).

Cloudformation presents an easy way to do so with a combination of template parameters and mappings.