The Orbit Blog

Learn about best practice, news, how-tos, and insight. The goal? Accelerate your AWS Journey.

Leveraging AWS CloudFormation Change Sets to manage change

By Brett Gillett

Summary of Environment: A large automotive manufacturing company approached us to help them with a hybrid deployment of a commercial content management system (CMS) on the AWS platform. Once deployed, the solution would provide services to a network of dealers across Canada. We worked with their in-house team to develop and implement a solution based on AWS CloudFormation and integrated it with GitLab. By combining the Continuous Integration (CI) capabilities of GitLab with the native functionality of AWS CloudFormation, we were able to create a system which allowed fast, efficient and repeatable deployments across multiple environments - including production - and AWS accounts.

AWS CloudFormation and GitLab CI Pipeline

By Brett Gillett

Summary of Environment: A multinational recruiting firm required a large hybrid deployment to support their main business functions in North America - including, but not limited to, payroll, finance, and time tracking. AWS CloudFormation is used to manage all environments - including production - across several AWS accounts and AWS regions. We took a ‘microservices approach’ to the creation of the templates used to deploy and maintain the environment. Virtually all aspects of the AWS deployment are managed via small, easy to operate and maintain CloudFormation templates.

AWS Shared Responsibility

By Brett Gillett

Yes, you have responsibilities. Just because you’re using someone else’s computer doesn’t mean you get to ignore all the boring stuff and hope that someone else takes care of it for you. Want to know who’s responsible for what? Make sure you read the AWS Shared Responsibility Model. Here’s the Coles notes version for those of you who still won’t read it. AWS is responsible for the security of the cloud; you are responsible for security in the cloud.

Reduce EC2 Spending

By Brett Gillett

EC2 is one of the ‘big three’ of AWS spending. In many cases, the majority of your AWS bill is made up of EC2, EBS, and RDS consumption. Reducing EC2 spending is easy - you don’t need fancy tools or in-depth analysis. When a resource like an EC2 instance isn’t in use - shut it down. If your Proof-of-Concept (POC) project is complete - terminate the resources. We recently worked through this process for a customer - you can see the results below.

Putting the AWS Security Audit program to the test in FinTech

By Brett Gillett

In a recent post, I shared details of the AWS Security Audit program offered by Curious Orbit. Today I want to show you how this program helped a real customer. 3rd party validation to verify security requirements: CASHiQ is a FinTech startup company based in Hamilton, Canada. The company produces a third-party application that financial advisors can use to improve efficiency through online interactions. For example, the app can be used to store documents, share portfolio information, and even correspond with clients in real time.

AWS Well Architected Framework

By Brett Gillett

The AWS Well Architected Framework (WAF) is a series of documents maintained by the subject matter experts at Amazon Web Services. The goal of the Well Architected Framework is to provide you with guidance on how to build more flexible, resilient, secure, cost-effective solutions on the platform. Currently, there are five ‘pillars’, three ‘lenses’, and an overview document. Pillars consist of the following documents: Operations Excellence, Security, Reliability, Performance Efficiency, and Cost Optimization. The three lenses are:

VPC Flow Logs - an Introduction

By Brett Gillett

If you’re running solutions on the AWS platform, you most likely have a Virtual Private Cloud (VPC). The majority of deployed VPCs don’t have an essential feature enabled - VPC Flow Logs. VPC Flow Logs provide insight into the traffic flowing in (and out) of your VPC. You can enable logging for an entire VPC, subnets or network interfaces within a VPC. During the setup process, you can decide what you want to record - Rejected, Accepted, or All traffic.

Running Minecraft on an EC2 instance

By Brett Gillett

A few weeks back, my nephew spent a few days with us to finish his March break. Like many gamers, he spends most of his time in Fortnite, but when he arrived, he reminded me about our AWS Minecraft server from the previous year. His memory is (much) better than mine, so I had to go digging - but I found the Amazon Machine Image (AMI) we created when we mothballed the Minecraft adventure from the year before.

AWS Resolutions for 2019

By Brett Gillett

Originally posted to ORBIT - our weekly newsletter - back in December. Want content earlier? Sign up now! As we get closer to the end of the year I’ve been spending time looking at the work we’ve done for customers and the most common questions we’ve received from students in our AWS training sessions. This week I decided to create a list of ‘Resolutions’ for 2019 when it comes to deploying (and/or supporting) solutions on the AWS platform.

How to know if your AWS environment is secure

By Brett Gillett

Today, let’s talk about security — of your AWS account and cloud infrastructure. If it keeps you up at night, you’re not alone. Many business leaders struggle with the notion of audits, or the security of their account. For instance, maybe you’re thinking about the increasing trend of cyber attacks, which have become more prominent in recent years. Many high-profile organizations have revealed network compromises that led to customer information being stolen or, at minimum, placed at serious risk.

Customer Spotlight

The Canadian Press

Founded in 1917, The Canadian Press is Canada's independent news agency. More than 180 journalists provide real-time, bilingual multimedia stories across a diverse number of platforms. Read about how The Canadian Press partnered with us to build a dynamic, cost-effective solution on AWS.
