The Orbit Blog

Learn about best practice, news, how-tos, and insight. The goal? Accelerate your AWS Journey.

Monitoring a Web Server on AWS

By Travers Annan //

Web servers break. Thankfully, we have tools like Autoscaling for EC2 and Elastic Load Balancers to minimize the impact of server downtime, but it remains a fact of IT life that servers can fail for any number of reasons. To get ahead of a failure event, it’s good practice to have some monitoring set up on your machines. In this article, we’ll go through some basic monitoring you can deploy on an Apache EC2 instance and integrate with Cloudwatch Metrics.

Monitoring AWS Health Events

By Travers Annan //

Monitoring AWS Health Events Every so often, infrastructure in an AWS availability zone (or region) breaks down or a bug is discovered with a service. When this happens, AWS sends a notification to affected accounts and an email to the account owner. That’s pretty useful if you are the sole owner of an account, but what if you need those emails to reach multiple users? You could always forward them, but that requires action on your part.

AWS Organizations Best Practices

By Brett Gillett //

Two years ago, I wrote down some thoughts about a strategy for AWS Accounts - it’s been a while and I figured it was time for an update on the topic. In the original article, I talked about how many of our customers were starting with a single AWS account strategy - all resources, regardless of use in a single AWS account. While this strategy may seem sound at the time, it does have the potential to back you into what I like to call an ‘architectural corner’.

Gitlab and Cloudformation

By Brett Gillett //

GitLab is an integral part of our day-to-day workload on the AWS platform, as we manage well over 110K lines of CloudFormation code across close to one-hundred AWS accounts. In addition to using it for our internal development purposes, we also use it to deploy and manage solutions for our managed and OrbitOps customers. In this article, I’ll walk you through how we currently have GitLab deployed and how we integrate it into our customer’s AWS accounts.

Deploying VPC Prefix Lists with CloudFormation

By Brett Gillett //

Video Transcription Okay, let’s let’s get started here. What we’re gonna do tonight is actually work with relatively new feature. We’re gonna have a look at how we can create VPC prefix lists in Cloud Formation. I actually did a really short demo on this feature weeks ago when this was first announced at the end June. I guess it’s more than a couple weeks ago now, right?

Using the Amazon Workspaces Cost Optimizer

By Travers Annan //

Given the current situation, it’s fair to say that most IT departments have experienced a jump in demand for remote workstations, and many are turning to cloud providers. AWS Workspaces is a convenient way to provide digital workspaces to your employees, but how can you be sure that you’re getting the most out of it? Enter the AWS Workspace Cost Optimizer. This premade CloudFormation stack provided by AWS sets up a lambda function that checks the usage of each workspace on your account, then updates the billing method for that workstation to the most cost-effective plan.

Using AWS Config to ensure EC2 Cost Optimizer is enabled

By Travers Annan //

Wherever possible, organizations of all sizes are moving to remote work these days, which can lead to a spike in IT costs. To help mitigate this, we’re developing a suite of tests and checks to help our customers optimize their accounts. One handy cost-cutting AWS service is the Compute Optimizer. When enabled, this feature automatically checks your EC2 instances for incorrectly provisioned machines. Once enough data has been collected, the service will make recommendations that should 1) help lower costs (over-provisioned) or 2) improve customer experience (under-provisioned).

Creating Multiple AWS Backup Vaults to protect resources

By Brett Gillett //

Ensuring you have regular backups, i.e., snapshots, is a fundamental step in creating reliable, fault-tolerant solutions on the AWS platform. Luckily, AWS provides a fully managed, easy to use solution which allows us to manage snapshots for several AWS services centrally. In this article, I’ll discuss how we deployed multiple AWS Backup vaults for a fully managed WordPress deployment. Before we discuss the details of the AWS Backup solution itself, let’s have a quick look at the overall solution.

Using Lambda to Disable IAM Users

By Travers Annan //

Problem Picture this. You work as a cloud IT professional at a medium size company and you recently hired some AWS contractors. They do a good job, and you get permission to hire more in the future. So you do, and this goes on for some time. However, you get tired of manually removing old contractor users from your IAM groups. What’s an IT pro to do? Solution A good way to solve this problem would be to use a scheduled Lambda function and good tagging practices to identify old users and remove their permissions.

Monitoring Workspaces With Amazon EventBridge

By Brett Gillett //

Because of COVID-19, many of our customers have implemented work from home solutions for their employees. While many options are available, Amazon Workspaces offers a cost-effective, easy to use remote desktop solution. Last week, we helped one of our AWS Managed Services customers deploy approximately four hundred Windows Workspaces across several AWS accounts. One of their requirements is to report on daily usage. While Amazon CloudWatch provided us with much of the information we required to meet the customer’s needs, we did build a custom solution for reporting.