Tag

Cloud

Cloudflare Access – Secure access to internal applications without a VPN

Cloudflare Access is a new innovative products to secure access to internal applications without a VPN. It build a fence around your internal applications no longer works for your global team. Cloudflare Access replaces corporate VPN clients by putting Cloudflare’s global edge network in front of your internal applications. How’s the Cloudflare Access work is…

Installing Nginx Pagespeed Module

PageSpeed is a technology from Google, designed to help a website’s performance optimizations. Faster websites offer a better user experience, boost rankings in Google and increase conversion rates. Pagespeed lets you measure and (automatically) optimize your web pages and comply with web performance best practices. Speed up your web site and boost web performance! Assume…

Accessing S3 using VPC endpoints

VPC endpoint enables creation of private connection between VPC to the supported AWS services. As an example use case, we want to accessing S3 bucket from the EC2, we may need to access it over the public Internet. By travel out from our VPC to the public internet and than come back to AWS S3…

Accessing private EC2 using the bastion host/jump host

This post is continuous post from the previous post – Deploying EC2 with Private and Public Subnet Using Terraform in AWS. Bastion hosts are instances that sit within your public subnet and are typically accessed using the SSH or RDP. The primary role for the bastion host is that it’s act as the “jump” server…

Deploying EC2 with Private and Public Subnet Using Terraform in AWS

Terraform always the simple and easy way for us to deploying our infrastructure over the cloud, in this post, I will deploying 2 EC2 in the public and private subnet and try to access into the private EC2 using the public bastion host. A bastion host is a special-purpose computer on a network specifically designed and configured…

AWS Cross-Account Assume Role

Recently I need to manage more than 1 AWS account which it’s not under the Organization unit. In order to browse around the 2 account I may need to have 2 set of credential and keep login and logout (unless i open 2 difference browser or using incognito mode.) Found the the cross account assume…

Hosting private static content in S3 using AWS Cloudfront

AWS S3 is always a best place to keep your static content for your website due to the nature of high durability and also high availability. And it’s always highly recommend to set your S3 bucket as private, but how to host a web static file without a public access? This is where the AWS…

Auto update CloudFront IP into security group using Lambda

AWS CloudFront (CDN) provide a better performance and low latency to the website visitor by caching the content at the EDGE location which closer to the visitor location. CloudFront not only provide the performance improvement to the end visitor, it’s also provide the lower cost of content delivery from your origin to the end visitor…

Deploying VPC with Terraform

Terraform is an open-source infrastructure as code software tools created by HashiCrop and it enables user to define and provisioning a datacenter infrastructure using high-level configuration language which is know as HashiCorp Configuration Language (HCL) or optionally you can using JSON. Terraform is platform independent tools where you can use it to code for infrastructure…

Increase disk space on Linux EC2

You can attach an EBS volume as another device (ex. /dev/sdf) to an instance for more disk space. Once you have a mount point set in Linux OS, you can copy your website files there and point the web service config to point to that directory for the website. As another option, you can expand…

google.com, pub-3772983857049267, DIRECT, f08c47fec0942fa0