This week, we’re diving deep into the world of serverless and exploring the latest techniques for testing and cost optimization. Are you tired of mocking AWS SDK calls when testing your serverless functions? We’ve got you covered with a new approach to serverless testing that doesn’t require mocking. Plus, we’ll show you how to keep your costs in check with serverless MongoDB Atlas.
But that’s not all, have you ever wondered how a hacker can waste $13000 on your AWS account? We’ll take a look at a real-life example and share the steps you can take to prevent this from happening to you.
We’ll also explore some of the latest developments in Kubernetes, including a deep dive into DNS and service discovery and tips on how to detect insecure VSCode extensions. Additionally, we’ll share some of our favorite open-source DevOps tools of the week and discuss the ongoing debate around Platform Engineering vs DevOps is Dead. Don’t miss out on our coverage of finding active resources in your AWS account, building AWS Lambda layers with AWS CDK, and how to fix common issues in Kubernetes clusters.
🧪 “Serverless testing: simplify testing with SOLID architecture” — Post on Testing Serverless architectures using SOLID and Hexagonal software architecture principles without needing to mock AWS SDK calls at all!
💸 “Avoid bankruptcy while using serverless MongoDB Atlas” — Several best practices to avoid financial issues such as: setting up an alert system to monitor usage, properly configuring the data storage, and using the MongoDB Atlas’s auto-scaling feature.
💰 “It happened to me: how I suddenly owed AWS $13,000…” — The hack could have been avoided if they had set up Multi-factor Authentication (MFA), CloudTrail, and Budgets from the start.
👀 “A debugging story: a bug in the S3 API” — The AWS S3 API has a bug in it where if the configuration is modified on create, the API responds with 404 for those attributes.
💡 “The life of a DNS query in Kubernetes” — Understanding how DNS and service discovery work in Kubernetes can be helpful for debugging issues.
🔒 “Can you trust your VSCode extensions?” — The post covers how to detect and mitigate risks associated with malicious extensions and how to secure your development environment.
🛠 “Build AWS Lambda layers with AWS CDK” — This blog post covers AWS Lambda layers basics and how to build them with Docker & AWS CDK in Python.
🤔 “Platform Engineering as a startup” — This article discusses the importance of internal tools, the evolution of the term “platform engineering,” and the challenges of aligning vendor and customer incentives in this space.
🔥 “Komiser vs AWS Resource Explorer” — Finding resources within the AWS Console has been a tedious and often frustrating task, particularly for those who have a large number of resources and use multiple AWS regions. This has been the case for a long time … until the release of AWS Resource Explorer.
Latest open source projects
Basti is a CLI tool for accessing DB instances and other AWS resources in private networks almost at no cost. You can securely connect to your RDS/Aurora/Elasticache/EC2 instances in private VPC subnets from a local machine or CI/CD pipeline.
Adrenaline is an open-source debugger powered by the OpenAI Codex. It not only fixes your code, but teaches you along the way.
Copacetic is a CLI tool for directly patching container images using reports from popular vulnerability scanners like Trivy.
AWS Terraform Dev Container
AWS Terraform Dev Container is a vscode extension with tools to help you build and manage AWS infrastructure with Terraform.
StepFunctions Workflow Studio Sync
A Chrome extension that enables real-time sync between StepFunctions Workflow Studio and your local file system.
Convox Rack is an open-source private PaaS that runs in your AWS account.
Question of the week
Meme of the week
I hope this summary has been useful. Remember to subscribe to the newsletter to receive the latest DevOps trends in your inbox every week 🔥
Top comments (0)