Part 2 - Cost effective dev environment

In part 1 of the search for a cost-effective dev environment we looked at the VPC setup. In this part we will look at the RDS setup. There are at least 3 ways to start and stop an RDS instance (in this example I used a simple RDS instance): using Lambda, using SSM State Manager, and using EventBridge schedules. Lambda: The first option is to use a Lambda function to start and stop the RDS instance.

Part 1 - Cost effective dev environment

This is the first part of a series of posts about how to set up a cost-effective dev environment in AWS. The goal is to have a setup that is as close as possible to production, but without the cost of running a full production environment. One key way of reducing costs is to shut down and scale down resources when they are not needed. In most cases a fully functional dev environment is only needed during working hours.

FreeBSD 14 Release

Finally, the latest version of FreeBSD has been released. It is important to note that a ZFS bug was found and patched in the p1 patch, so if you upgrade, this fix should be included. If you have been running 14 for some time, it might be worth running freebsd-update fetch to get the latest patches.

RDS Proxy with HAProxy

It is good practice to isolate your valuable data from the evil internet. The absolute basis is to have a subnet without a route to either a NAT gateway or an Internet Gateway. A misconfiguration, e.g. an open Security Group, will not lead to exposure of your data, because the subnet is ‘un-routable’. The local route still applies to this subnet, so other subnets can still communicate with it.

AWS Network Firewall

What is the Network Firewall? As AWS describes it: AWS Network Firewall is a managed service that makes it easy to deploy essential network protections for all of your Amazon Virtual Private Clouds (VPCs). The service can be set up with just a few clicks and scales automatically with your network traffic so you don’t have to worry about deploying and managing any infrastructure. Network Firewall’s flexible rules engine lets you define firewall rules that give you fine-grained control over network traffic, such as blocking outbound Server Message Block (SMB) requests to prevent the spread of malicious activity.