Preparing for AWS re:Invent 2023

AWS re:Invent 2023, the biggest event in the annual Amazon Web Services (AWS) calendar, is just around the corner.

If you’ll be attending in person, it can be difficult to know which sessions will be valuable. In this blog post I’ve listed the sessions that I’m planning on attending as well as a few tips to get the best from the event.

Reserved seating for the event opens on 17th October that I like to call whack-a-mole night as no sooner have you tried to reserve a seat it’s quite likely that session will already be fully booked and then you’ll end up queuing up on the day and potentially mission out on other opportunities available to you at the event.

Configuring Amazon VPC IP Address Manager (IPAM)

In many enterprise environments a common challenge is to how to handle the allocation of IP CIDR blocks be that to Data Centers, Offices, Subnets so as to ensure that resources don’t end up with IP addresses that have already been assigned to resources on the Network. Duplicate IP Addresses on the Network can cause numerous issues and AWS have previously written the following blog that discusses several solutions to this challenge such as the use of NAT Gateways and AWS PrivateLink or a couple of more manual approaches to workaround the issue.

Field Notes: Using Amazon VPC Prefixes with Security Groups

Recently during a Customer engagement I encountered what seemed to be a fairly straightforward issues with a Security Group that was running into a service quota isssue with the number of Inbound or outbound rules per security group.

Background to the Issue

To give a little bit of context, this particulary security group was associated with a couple of Amazon EC2 Instances that were running Microsoft Windows Server 2019 and performing the function of Active Directory Domain Controllers that were being self-managed by the Customer.

Customising AWS Control Tower with Account Factory Customisations

At AWS re:Invent this year Account Factory Customisations was released. This post will walk you through how to configure and use the new functionality as in my opinion the documentation isn’t particularly clear as to how things work and there were also issues with the implementation steps when I first implemented it.

Use Case

For my specific situation that I’m utilising this for I want to deploy a VPC that leverages the Amazon VPC IP Address Manager (IPAM) for obtaining an IP CIDR Range since I don’t want to have to manually enter one each time and run the risk of overlapping address space. As part of my pre-requisties I’ve already written some automation using CloudFormation to not only setup VPC IPAM for delegated administration in my Organization, but I’ve also set up VPC IPAM so that I have seperate IPAM Pools for different regions and also different environments within those regions. This post won’t go into the details of the automation or the details of the CloudFormation Template that I’ll deploy either but how the Solution ultimately works.

Announcements from AWS re:Invent 2022

AWS re:Invent is a learning conference hosted by AWS for the global cloud computing community in Las Vegas every year. The in-person event is in my opinion AWS’s showpiece event that features keynote announcements from the likes of Adam Selipsky, Werner Vogels, Peter de Sanctis & Swami Sivasubramanian. In addition, there are opportunities for training and certification as well as access to many technical sessions, plenty of networking opportunities and the infamous re:Play Party.

Experts Exclusive Interview on the AWS Certified Global Community

Back in early September, I received a private message from one of the Admins of the AWS Certified Global Community as there team had noticed myself being a champion within the community’s discussions and they wanted to highlight my contributions. They have an ongoing series called Expert’s Exclusive, where they publish an exclusive interview with one of there own experts and they wanted to feature me in the series.

It was quite a nice surprise and was the second time in my career where I’d been interviewed for a publication with the previous interview having been many years ago by Linux Academy who interviewed me regarding my AWS certification journey.

Creating a Multi-Account CI/CD Pipeline with AWS CodePipeline

Whenever I’ve tried to learn a particular service or functionality within AWS, I find the best way is to do the ClickOps approach (i.e. Good Old Point and Click in the Console). Once I’ve figured out how to get it working via that method, I then go through the process of trying to automate it through Infrastructure as Code and in my case thats using AWS CloudFormation.

One particular example of this was getting a bit more familiar with AWS CodePipeline so that I could try to automate the delivery of CloudFormation Templates across multiple AWS Accounts in a similar manner as to how you would deploy solutions in a Software Delivery Lifecycle (SDLC). When I was learning how to do this through the management console, I found out that its not possible to do it all within the console and therefore you have to also leverage the AWS CLI for specific parts.