Simplify AWS Network Design | by Teri Radichel | Cloud Security | October 2023


ACM.352 Can we also reduce costs?


Part of my series on Automation of cybersecurity measures. Internet Security. S3. Deploy a static website. The Code.


In my last article I talked about troubleshooting when installing software on private networks because it was slowing me down.

Today I was working on my container for my Lambda function to use as a trigger for AWS CodeCommit to be pushed to an S3 bucket. I started by reorganizing my base container based on the results of previous posts so that I could use a single container with all the base files required for my custom bash runtime. More on this in the next article.

But first, networking has really hampered my productivity.

Problems with my current approach and lack of automation

As I work to develop and test my Lambda function, I realize that my networking can be simplified, or perhaps made more complex in some ways in the short term, but with reduced cost and complexity over the long term. At the same time, I want to reduce the number of endpoints I have to deploy because apparently they're going to break the bank more than expected.

Along the way, I kept realizing that I was missing some VPC endpoints. Or a service is not working, so I need to remove that endpoint and deploy another one. Each new service I use requires a different VPC endpoint. Sometimes I’m not sure if I’m supposed to use one endpoint or another, like the git VPC endpoint for AWS CodeCommit or the AWS CodeCommit endpoint. I need to go back and re-read the information on this.

I’m also developing two separate networks: one with a gateway for remote access and one without. So I test something on a network and it works. Then I have to go back and replicate what I configured in the other network.
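
A drift check for the problem described above (endpoints missing in one network, then replicated by hand in the other), added here as an example and not code from the article or its repository. It takes the JSON from `aws ec2 describe-vpc-endpoints`; the VPC IDs, region and sample records are constructed, and the CodeCommit check assumes the workload needs both the API endpoint (`codecommit`) and the Git endpoint (`git-codecommit`).

```python
import json
from collections import defaultdict

# Constructed sample shaped like `aws ec2 describe-vpc-endpoints` output.
# VPC IDs, region and the endpoint mix are placeholders, not from the article.
SAMPLE = json.loads("""{"VpcEndpoints": [
 {"VpcId": "vpc-remote",  "ServiceName": "com.amazonaws.us-east-1.git-codecommit", "State": "available"},
 {"VpcId": "vpc-remote",  "ServiceName": "com.amazonaws.us-east-1.codecommit",     "State": "available"},
 {"VpcId": "vpc-remote",  "ServiceName": "com.amazonaws.us-east-1.s3",             "State": "available"},
 {"VpcId": "vpc-private", "ServiceName": "com.amazonaws.us-east-1.git-codecommit", "State": "available"},
 {"VpcId": "vpc-private", "ServiceName": "com.amazonaws.us-east-1.lambda",         "State": "available"},
 {"VpcId": "vpc-private", "ServiceName": "com.amazonaws.us-east-1.codecommit",     "State": "deleting"}
]}""")

CODECOMMIT_PAIR = {"codecommit", "git-codecommit"}  # API calls vs. Git traffic

def short_name(service_name):
    """Drop the 'com.amazonaws.<region>.' prefix; keep other formats whole."""
    parts = service_name.split(".", 3)
    if len(parts) == 4 and parts[:2] == ["com", "amazonaws"]:
        return parts[3]
    return service_name

def services_by_vpc(response):
    """Map each VPC ID to the set of services with a usable endpoint."""
    found = defaultdict(set)
    for ep in response.get("VpcEndpoints", []):
        # An endpoint that is pending, failed or being deleted does not count.
        if ep.get("State", "").lower() == "available":
            found[ep["VpcId"]].add(short_name(ep["ServiceName"]))
    return found

def drift(response, vpc_a, vpc_b):
    """Services reachable through an endpoint in one VPC but not the other."""
    by_vpc = services_by_vpc(response)
    a, b = by_vpc[vpc_a], by_vpc[vpc_b]
    return {"only_in_a": sorted(a - b), "only_in_b": sorted(b - a)}

def codecommit_gaps(services):
    """If either CodeCommit endpoint is present, report the missing one."""
    present = CODECOMMIT_PAIR & set(services)
    return sorted(CODECOMMIT_PAIR - present) if present else []

if __name__ == "__main__":
    print(drift(SAMPLE, "vpc-remote", "vpc-private"))
    print(codecommit_gaps(services_by_vpc(SAMPLE)["vpc-private"]))
```

Running the same comparison after each change to either network shows which endpoints still have to be replicated, and which ones exist in only one place and may no longer be needed.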
