One of the aspects of AWS Lambda1 that makes it excepent is that Lambda is used to extend other services offered by AWS. In this example we will set up Lambda to use Server Side Encryption for any object uploaded to AWS S32.
The first task we have is to write the lambda function. Below we have the Python code that will read in the metadata about the object that was uploaded and copy it to the same path in the same S3 bucket if SSE is not enabled.
I was working on a task yesterday and throught I would write it up so that others could possibly benefit from it. I was working to document our AWS enviornment, specifically the security groups around each instance and how the instances are connected to each other and the internet as a whole.
I had been asked several weeks ago if there was some documentation of the AWS environment at work and how instances were interconnected.
The inspiration for this post and much of its content comes from https://medium.com/aws-activate-startup-blog/building-a-serverless-dynamic-dns-system-with-aws-a32256f0a1d8#.6tzj1o286.
Problem
You've recently set up a server at your home. You don't quite feel comfortable hosting it in a service like AWS or you happened to have a machine lying around you want to try and get some use out of. You've gotten it up and running and forwarded incoming traffic from your router to be forwarded to the server.
Problem
You are given the task to only allow access to certain AWS resources to the office you work in. You create a Security Group and ask a colleague for the external IP address range assigned to the office. He tells you that there is not static range. The office, along with the rest of the building, share a commercial ISP with dynamic addresses. In addition to that, there is not one but three IPSs that are load balanced for outgoing traffic.