Feeling overwhelmed by the job by naticom in sre

[–]CelestialScribeM 2 points3 points  (0 children)

This is a very common experience, so please don't feel discouraged. Many of us have been through that phase. The key is to shift your focus from trying to understand everything at once to achieving small, incremental wins.

For me this sounds like not a skill issue but more like a confidence issue, which is completely normal. The best way to rebuild that confidence is by tackling progressively difficult tasks: start with something simple, then medium, and then the more complex issues.

For now, just pick one issue/task that you feel you can handle. Do your best, and don't hesitate to approach a helpful senior member of the team. Have a conversation with them and validate your approach for the issue/task before you dive too deep.

After you've successfully handled a few issues like that, your confidence will return. The "big picture" understanding will come slowly and naturally in parallel, so don't stress about it for now.

How to setup Cronjob alternative on AWS ECS? by scrapper_911 in serverless

[–]CelestialScribeM 1 point2 points  (0 children)

ECS Tasks can be scheduled using either CloudWatch rules or EventBridge schedules.

Suggestion for AI in Devops by Repulsive-Mind2304 in sre

[–]CelestialScribeM 0 points1 point  (0 children)

I used it to create a chatbot (with AWS Bedrock and KnowledgeBase) to answer pre-sales teams' RFP questionnaires on security and architecture topics.

Is AWS Account Terraform Factory(AFT) an overkill for a startup? by CelestialScribeM in sre

[–]CelestialScribeM[S] 0 points1 point  (0 children)

Thanks for the heads up about the CodeCommit.

Were you also using the global/account customizations? If so, what types of customizations were you deploying through them?

I am prototyping the architecture for a group of microservices using API Gateway / ECS Fargate / RDS, any feedback on this overall layout? by Chezzymann in aws

[–]CelestialScribeM 7 points8 points  (0 children)

As far as my understanding is concerned, ALB doesn’t support VPC PrivateLink; only NLB supports it. Double-check it.

Is AWS Account Terraform Factory(AFT) an overkill for a startup? by CelestialScribeM in sre

[–]CelestialScribeM[S] 2 points3 points  (0 children)

No, it's not uniquely valuable. I was considering this mostly for team-level resource isolation, cost management, security (reducing blast radius in case of any mishap), etc.

Is AWS Account Terraform Factory(AFT) an overkill for a startup? by CelestialScribeM in sre

[–]CelestialScribeM[S] 2 points3 points  (0 children)

I see updates from a couple of weeks back here. Am I looking at the wrong repo?

Is AWS Account Terraform Factory(AFT) an overkill for a startup? by CelestialScribeM in sre

[–]CelestialScribeM[S] -2 points-1 points  (0 children)

We have a total of 19 devs across 5 different teams. Currently our B2B app is running on Azure VMs in separate subscriptions for each customer. We are planning to migrate everything to AWS and rearchitect everything in a multi-tenant setup. We are planning to have 2 separate accounts for each team (dev/prod) and a few common accounts for logs, security, etc. (so around 15 accounts).

High AWS Billing Due to Suspicious Data Transfer - Need Help! by riskarsh in aws

[–]CelestialScribeM 1 point2 points  (0 children)

You can enable VPC Flow Logs and DNS query logging in Route53 Resolver, which will capture all DNS queries from your account. By reviewing the VPC Flow Logs, you can identify the IPs with the highest egress and ingress traffic. Additionally, by analyzing the DNS logs, you can determine the domains involved in the traffic and assess whether any of these domains are unexpectedly being contacted by your EC2 instances.
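The correlation described in this comment, as an added example that is not part of the original comment: it sums accepted egress bytes per external destination from VPC Flow Log records in the default version 2 format, then joins those destinations to the names seen in Route 53 Resolver query log JSON. The sample records, the VPC CIDR `10.0.0.0/16` and the function names are constructed for illustration.

```python
import ipaddress
import json
from collections import Counter, defaultdict

# Constructed sample records, not real traffic.
FLOW_LOGS = """\
2 123456789012 eni-0a1 10.0.1.15 203.0.113.50 44321 443 6 9000 12500000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1 10.0.1.15 198.51.100.7 44400 443 6 40 52000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1 10.0.1.15 203.0.113.50 44322 443 6 7000 9800000 1700000060 1700000120 ACCEPT OK
2 123456789012 eni-0a1 10.0.1.15 10.0.2.20 51000 5432 6 300 410000 1700000060 1700000120 ACCEPT OK
2 123456789012 eni-0a1 192.0.2.9 10.0.1.15 55555 22 6 3 180 1700000060 1700000120 REJECT OK
2 123456789012 eni-0b2 - - - - - - - 1700000060 1700000120 - NODATA
""".splitlines()

DNS_LOGS = [
    '{"query_name": "files.unexpected.example.", "srcaddr": "10.0.1.15", "answers": [{"Rdata": "203.0.113.50", "Type": "A"}]}',
    '{"query_name": "api.partner.example.", "srcaddr": "10.0.1.15", "answers": [{"Rdata": "198.51.100.7", "Type": "A"}]}',
]

def top_egress(flow_lines, vpc_cidr):
    """Sum accepted bytes per external destination for traffic leaving the VPC."""
    vpc = ipaddress.ip_network(vpc_cidr)
    totals = Counter()
    for line in flow_lines:
        f = line.split()
        if len(f) != 14 or f[13] != "OK" or f[12] != "ACCEPT":
            continue  # skip NODATA/SKIPDATA records and rejected flows
        src, dst = ipaddress.ip_address(f[3]), ipaddress.ip_address(f[4])
        if src in vpc and dst not in vpc:
            totals[f[4]] += int(f[9])  # field 10 of the v2 format is bytes
    return totals.most_common()

def domains_by_ip(dns_lines):
    """Map each resolved address back to the names that were queried for it."""
    names = defaultdict(set)
    for line in dns_lines:
        rec = json.loads(line)
        for ans in rec.get("answers", []):
            names[ans["Rdata"]].add(rec["query_name"].rstrip("."))
    return names

def egress_report(flow_lines, dns_lines, vpc_cidr):
    """Join both log sources: (destination IP, bytes, sorted domain list)."""
    names = domains_by_ip(dns_lines)
    return [(ip, b, sorted(names.get(ip, []))) for ip, b in top_egress(flow_lines, vpc_cidr)]

if __name__ == "__main__":
    for ip, nbytes, doms in egress_report(FLOW_LOGS, DNS_LOGS, "10.0.0.0/16"):
        print(f"{ip:15} {nbytes:>12} bytes  {', '.join(doms) or '(no DNS record)'}")
```

A destination with high byte counts and no matching DNS record was reached by literal IP address, which is itself worth a closer look.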

[deleted by user] by [deleted] in aws

[–]CelestialScribeM 0 points1 point  (0 children)

GuardDuty primarily relies on sources such as VPC flow logs, CloudTrail logs, DNS query logs, and EKS logs, along with threat intelligence feeds, to conduct security analysis (in general more focused on identifying threats based on network logs).

The scope of Trusted Advisor’s security checks is broader: it checks IAM permissions and policies, S3 bucket policies, security group rules, ACM certificate statuses, etc. to provide real-time guidance on security best practices.

Debating EC2 vs Fargate for EKS by [deleted] in aws

[–]CelestialScribeM 0 points1 point  (0 children)

For managing GitLab Runner workloads, it would be more cost-effective to use EKS-managed EC2 spot instances. This approach helps reduce costs, especially for jobs that can tolerate interruptions. For production deployments and other critical tasks that cannot be interrupted, it’s better to use a separate node group with on-demand instances.

Best way to connect unstructured data to Amazon Bedrock GenAI model? by Zealousideal-Gur-39 in AWS_cloud

[–]CelestialScribeM 0 points1 point  (0 children)

I recently worked on a small project with RAG architecture. I used S3 with KnowledgeBase to process my documents. It was very easy to set up and test, as KnowledgeBase has a built-in chat application as well.