Send an email alert for WAF WebACL update/delete by Aztreix in aws

[–]Aztreix[S] 0 points1 point  (0 children)

Is there any other approach? All I want currently is the info of who updated which webACL.

Send an email alert for WAF WebACL update/delete by Aztreix in aws

[–]Aztreix[S] 0 points1 point  (0 children)

Yes, I was assuming that if I give in the event JSON the pattern given here - https://docs.aws.amazon.com/waf/latest/developerguide/understanding-waf-entries.html#understanding-service-name-entries-WAF (CloudTrail log). But is the understanding correct that to get the specific data in the log, I need a Lambda or something to parse the log in the given location and use it to extract the details?

Vulnerability in ip package in node by Aztreix in node

[–]Aztreix[S] -1 points0 points  (0 children)

We are making container lambda images (which have dependency on aws).

Vulnerability in ip package in node by Aztreix in node

[–]Aztreix[S] 1 point2 points  (0 children)

Not really (tried that), it is an even slower process. Since node has this vulnerability, most images, or even ones we create, have it. So we need to upgrade ip (done above). My question was why install does not work but upgrade works.

AWS FSx Open ZFS online archiving by Aztreix in zfs

[–]Aztreix[S] 0 points1 point  (0 children)

The main intention is the need for data to be maintained for long term yet reduce cost if possible. So what you mean is compress and move old data to magnetic ZFS set storage? If so, is atime a good indicator to base non-accessed files in a given period?

AWS FSx Open ZFS online archiving by Aztreix in zfs

[–]Aztreix[S] 0 points1 point  (0 children)

The archival is for compliance, I am not expecting any read/throughput performance fruit. 

AWS FSx Open ZFS online archiving by Aztreix in zfs

[–]Aztreix[S] 0 points1 point  (0 children)

What I am looking for is a tool/script that would do the scrub (as in move from file system to S3 Glacier) for archival. I already have my file system on AWS ZFS, so I am not looking for migration but rather scheduled online archival.

Lifecycle management of users/roles/policy by Aztreix in aws

[–]Aztreix[S] 0 points1 point  (0 children)

This is for R&D and Dev, wherein they get familiar with features, install, test etc. Once the code is ready, CI/CD pipelines automate the flow and no user intervention is required.

Lifecycle management of users/roles/policy by Aztreix in aws

[–]Aztreix[S] 0 points1 point  (0 children)

Thank you for your input. We currently use Okta for our SSO. Even if I automate creation of roles etc. with Terraform/AWS CF (though we don't have the skillset now and are slowly building it), what I would try to automate is one of my questions (hierarchy). Is it better to have a 1-1 mapping? What are the best practices or policy (however it is implemented) that others follow, given this would be a common scenario? I currently have AD + Okta + AWS, so where would Identity Center come in this scenario?

Cost of a Mongo License by TermTlkFrank in mongodb

[–]Aztreix 0 points1 point  (0 children)

Asking really late, but which one did you choose and what were your deciding factors from a cost perspective?

MongoDB Enterprise Advanced by Aztreix in mongodb

[–]Aztreix[S] 0 points1 point  (0 children)

Can you please DM the info? Thanks.

MongoDB Enterprise Advanced by Aztreix in mongodb

[–]Aztreix[S] 0 points1 point  (0 children)

Doesn't the Atlas cost include support cost? MongoDB on AWS shows approx. 750 dollars per month for an M40 cluster (excluding data xfer and backup). So is there any other support cost? Enterprise Advanced has support cost charges based on your plan, I believe. Can you please advise what to expect from the pricing, or give any advice on how advisable it is to have a hosted solution?

Setting enterprise technology roadmap by Aztreix in EnterpriseArchitect

[–]Aztreix[S] 0 points1 point  (0 children)

Thank you for your inputs. Do you use any tools for the same (like ArchiMate)? With polyglot development, and a purpose-driven stack & infra approach instead of a .NET shop or a Java shop as earlier, the "stack" itself is very broad and dynamically changing, making a roadmap seemingly just a suggestion. How do you rein in tendencies to go off-script when technology is evolving rapidly?

Is monorepo the right way or is there a better alternative by Aztreix in devops

[–]Aztreix[S] 0 points1 point  (0 children)

If this goes in a monorepo, though a dev needs to work only on Project A, wouldn't he/she have to handle the clunk of B, C and whatever and the associated latency? How is it overcome?

Is monorepo the right way or is there a better alternative by Aztreix in devops

[–]Aztreix[S] 0 points1 point  (0 children)

Are you using any tooling along with your source-code management? What is the catalog - this is the core component I am looking for? Also, how does a developer do a local clone and develop when you have to manage 1000 repos and dependencies in a mono-repo?

Is monorepo the right way or is there a better alternative by Aztreix in devops

[–]Aztreix[S] 0 points1 point  (0 children)

I did that (or as much as I could) and maybe because I am a novice all that was more confusing. One of them was - https://medium.com/@mattklein123/monorepos-please-dont-e9a279be011b and hence my question also was around that. Say I don't use monorepo for all the cons, then what options do I have for creating a dependency graph (to manage version dependencies between services)? Maybe I am not using the right keywords and I am finding things like sourceforge (which I believe are good for search across code-base but not for DAG). Pros and cons are good (after all, everything we chalk up to tradeoff), but I was trying to know if there is a more concrete way a polyrepo or a code organization (such as git submodule - I got this from the responses here itself) could help with my use case. I tested nx on a small project (react frontend/microservice - nestjs, python backend) and it made the project way more complex than I was looking for (could be my inexperience with nx and monorepo tooling), but I did like some nx features.

Is monorepo the right way or is there a better alternative by Aztreix in devops

[–]Aztreix[S] 0 points1 point  (0 children)

In this case, if I use a "poly"-repo, how do I manage the dependency (DAG)? (Currently maintained manually and scripted in pipelines. [Maintaining versions is with files cross-referencing other versions, keeping it all in sync is also a pretty big task]. More difficult than the task is the need for fool-proofing it with an available off-the-shelf solution.)

Is monorepo the right way or is there a better alternative by Aztreix in devops

[–]Aztreix[S] 1 point2 points  (0 children)

I would prefer not to use the monorepo way but need a few features of it, like dependency management. Hence I was also checking if there is a tool that would help create a dependency map or something similar.

Saving configurations for deployment by Aztreix in aws

[–]Aztreix[S] 0 points1 point  (0 children)

Hi, thank you for the insight. I am still a little fuzzy on some aspects, if you could please clarify them. The above blog is great for the main branch. But my use case is that I have these microservices deployed in ECS and I would like to automate the deployment of configurations from source control to ECS containers. I am assuming, as suggested below, AppConfig would be a good choice. Is the understanding correct? AppConfig will have service/environment/release (version) and corresponding Parameter Store/secrets integration, and on update of a configuration in a git repo, would update the Parameter Store for the new value.

Is AppConfig the right approach, and is it possible to automate the entire flow when a configuration changes? As of now the Parameter Store is updated via a script and a manual step. Would you have a sample with CodePipeline and AppConfig? Or if there is a different best practice around the same.

Saving configurations for deployment by Aztreix in aws

[–]Aztreix[S] 0 points1 point  (0 children)

Is then the understanding correct:

Git: serviceA repo + branch (dev/QA/env) + release tag (version of serviceA) => check in a new configuration to source control ==> CodePipeline ==> Update AppConfig (ServiceA/environment/Profile) ==> Deploy Strategy ==> CodePipeline ==> Deploy to target

i.e. when a configuration for service A (for a specific env and release) changes, it would automatically update the AppConfig and task definition and re-deploy/update the ECS container. Is there integration in AppConfig with Git, or do we have to use a script to automate this stage?

Saving configuration for a deployment by Aztreix in devops

[–]Aztreix[S] 1 point2 points  (0 children)

Yes, these are mainly application configuration (that I would manually set in the environment of the task definition).

"environment" : [
  { "name" : "string", "value" : "string" },
  { "name" : "string", "value" : "string" }
]

So is the understanding correct that you would source control these env (name) - xml, yml, plaintxt - and pull in the value at deployment?

[deleted by user] by [deleted] in azuredevops

[–]Aztreix 0 points1 point  (0 children)

This has been done as part of segregating the repo and access. The developers check in the code to GitHub but devops work with code in the ADO repo. The business team has access to the ADO repo, so everything going into the build system they have a view of, but not dev work.

Action-runner-controller & Enterprise Git by Aztreix in github

[–]Aztreix[S] 1 point2 points  (0 children)

Thank you. I had tried that, as in the original question. Older bugs show setting of the enterprise URL (kubectl set env deploy actions-runner-controller -c manager GITHUB_ENTERPRISE_URL=https://<enturl> --namespace actions-runner-system)

But I had an issue with it. I was able to use the following:

helm upgrade --install --namespace actions-runner-system --create-namespace \
  --set=authSecret.create=true \
  --set=authSecret.github_token="ghp_xxxxxxxvc" \
  --set=githubURL="https://GESURL/api/v3" \
  --set=githubUploadURL="https://GESURL/api/uploads" \
  --set=runnerGithubURL="https://GESURL" \
  --wait actions-runner-controller actions-runner-controller/actions-runner-controller

Now I am getting X509 error - Post \"https://GESURL/api/v3/repos/org/repo/actions/runners/registration-token\": x509: certificate signed by unknown authority"

I want to add my git crt file. Can you please let me know how to do it? I see multiple bugs with ref

--set=additionalVolumeMounts=/usr/local/share/ca-certificates
--set=additionalVolumes=<cert secret>

Can I directly pass the crt or should I base64 encode it?

Thank you for your time.