i am here

As an AWS consultant/trainer I travel a lot for my work. When at customers locations, I occasionally want to log in into our sandbox environment. In previous postings, I have shown how we increase security by switching on and off the bastion host with a single (or double) key-press of the AWS IoT button. In another post you can find how I setup my ssh configuration to use the bastion host without ever logging in to it and yet get access to our ec2 instances. In this post, let me share iamhere with you. It is a little script that I use to modify the security group that protects inbound… Read More

Continue Reading

SSH config for AWS bastion

As a roaming AWS trainer, I work on my AWS infrastructure from many different locations to give demos to the course attendees and prepare stuff in EC2 instances when necessary. When I launch instances, I usually do so in private subnets, not opening the instances to the Internet when not absolutely necessary. To access the instances I use what is called a stepping stone, jump server or bastion host. The idea of a bastion host is that it is the single point of entrance into your (cloud) infrastructure. Therefor, you should harden and secure that host to the best extent possible. Read my blog about switching on and off the bastion host… Read More

Continue Reading

Adopt IPv6 in the blink of an eye

We all know we’d have to adopt IPV6 one day. So why not today? I thought about this today, when I noticed my provider was so good to give my laptop an IPv6 address. So it starts making sense to get our¬†website on IPv6 too. When even private individuals get IPv6 access, it’s just a matter of time before the corporates do ūüėČ There is enough documentation out there about what IPv6 is and why we ‘need’ it, so I won’t replicate any of that here. Now, the question is, how to get your site on IPv6? At easytocloud, we¬†use AWS CloudFront as a CDN (Content Delivery Network) for our… Read More

Continue Reading

The Guru is Back In!

Some fifteen years or so ago, at Open Solution Providers we had the urge to share our knowledge on Unix where we could and in any way, shape or form¬†we could. One of the options to use our consultants¬†at the time, was to book us¬†for a day where customers¬†could ask us anything – Unix related. We called it The Guru is In! The idea was that, although formal training is good for fundamental knowledge, it is not always possible to tailor a training to the knowledge needs of our customers. And a single-day consultancy assignment is hardly worth the effort. “The Guru is In” – something in between training and… Read More

Continue Reading

AWS cloudfront

We¬†just moved¬†this site to S3 and cloud front. We have told our customers so often to move their sites to AWS cloudfront and S3 that we deemed it necessary to move our own site as well. In this blogpost we’ll tell you a bit about the journey. Basic architecture principles. At easytocloud we like to make as much use of managed services as possible. More often than not, we create server-less solutions as we aim to get rid of operating system responsibility were possible. However, as this site is a¬†Wordpress site,¬†we need to run at least one instance for the PHP code that makes WordPress. In addition to an instances,… Read More

Continue Reading