Keith is an architect by day, blogger by night. He’s responsible for all the content on this blog, and irresponsible for everything else.
Amazon KMS is one of the most integrated AWS services, but probably also the least understood. Most developers know about it, and what it can do, but never really fully realize the potential of the service. So here’s a rundown of the innards of the KMS service. What is KMS? KMS (Key Management Service) is an AWS offering that allows us to create, manage and use cryptographic keys. Like...
The system, which was introduced on the first day of the 2020 school session yesterday, takes only two seconds to scan a pupil’s face before his personal information, such as full name, pupil number and class, is stored into the school’s databasehttps://www.nst.com.my/news/nation/2020/01/552737/sk-taman-perling-1-uses-facial-recognition-scanners-mark-pupils A school in Johor became the first in...
This year I resolve to support the media that I like, i.e start paying for content I’ve been consuming for free all this time. I believe that if we want better media, we need to start paying for it, and it’s not a matter of quality content, a free and fair media, is an absolute necessity for democracy to operate — after all, people can’t make informed choices if they...
Last week, I launched a new pipeline for Klayers to build Python3.8 Lambda layers in addition to Python3.7. For this, I needed a separate pipeline because not only is it a new runtime, but under the hood this Lambda uses a new Operating System (Amazon Linux 2 vs. Amazon Linux 1) So I took the opportunity to make things right from an account hierarchy perspective. Klayers for Python3.7 lived in...
Had a blast at PyConSG 2019, really cool to be in the presence of so many pythonistas. Would definitely recommend, especially since python is one of the more broadly used languages (AI, Blockchain, RPA, etc). My talk was on AWS Lambda (naturally!). Slide deck can be found in this GitHub Repo. Let me know what you think either in the comments here or on Youtube. Or mail me keith [at] keithrozario...
Everyone knows that I’m a Lambda fanboy, and to be fair Lambda deserves all the praise it gets, it is **the** gold-standard for serverless functions. But yesterday, I gave Google Cloudrun a spin, and boy(!) is Lambda is going to get a run for its money. Which is surprising given Google has traditionally lagged in this area — isn’t it quaint that we use words like...
Lambda functions are awesome, but they only provide a single dimension to allocate resources – memorySize. The simplicity is refreshing, as lambda functions are complex enough — but AWS really shouldn’t have called it memorySize if it controls CPU as well. Then again this is the company that gave us Systems Manager Session Manager, so the naming could have been worse (much worse...
At the end of 2018, AWS introduced custom runtimes for Lambda functions, which provided customers a way to run applications written in languages not in the holy list of the ‘Official AWS Lambda Runtimes’ which include a plethora of languages. It has 3 versions of Python, 2 versions of Node, Ruby, Java, Go and .NET core (that’s a lot of language support) Security-wise, it’s...
One of a great things about Lambda functions is that you can’t SSH into it. This sounds like a drawback, but actually it’s a great security benefit — you can’t hack what you can’t access. Although it’s rare to see SSH used as an entry path for attackers these days, it’s not uncommon to see organizations lose SSH keys every once in a while. So cutting down...
This is a continuation in the Klayers series, where I deep dive into the architecture of Klayers. At its core, Klayers is a collection of AWS Lambda Layers for Python3, with the idea that python packages in layers is more efficient than packaging them with application code. Visit the GitHub repo here, where you’d find 50+ lambda layers for public consumption across most AWS regions...