In cloud computing, security is a critical concern. While AWS provides backup solutions for many resources, custom configurations often require additional protection. Two key services, AWS Key Management Service (KMS) and AWS Secrets Manager, don’t offer direct backup options. However, they implement a deletion grace period— by default 30 days and this is the maximum — allowing for potential restoration.

Amazon OpenSearch Service is a powerful tool for search, log analytics, and RAG (Retrieval-Augmented Generation) systems. To ensure optimal performance and reliability, effective monitoring is crucial.

10th of Juli: The ten new features, which were announced in AWS NY Summmit, show a trend in Amazon Bedrock: to implement Prompt Engineering Patterns as services. One of the best practices to avoid prompt injection attacks is GuardRails. Here, I do a deep dive into the new GuardRails features “contextual grounding filter” and “independent API to call your guardrails.” Note: Guardrails work ONLY with English currently.

Using Industry Quest: Manufacturing and Auto you can learn about building IoT and factory management solutions in AWS. It’s a game that teaches you about real time monitoring, predictive maintenance, machine learning and data analytics. This blog gives an introduction to the game and covers my thoughts about its usefulness.

Amazon SageMaker offers a highly customizable platform for machine learning at scale. Job execution within Amazon SageMaker can take some time to set up, which can be inconvenient or even time consuming during development and debugging phases. Running training and processing jobs locally can greatly increase the speed of development and debugging before running them at scale on AWS.

In this blog post, I will demonstrate how to leverage Suricata with the AWS Gateway Load Balancer and Terraform to implement a highly available, scalable, and cost-effective IDS/IPS solution in AWS. This approach will enable you to monitor network traffic, detect threats, and block them before they reach your systems.

Switching the Identity Provider in the IAM Identity Center while keeping all permissions intact and minimizing disruptions can be a daunting task. In this post I’m explaining how we solved this for one of our customers.

AWS DataSync is a service that simplifies and accelerates data migrations not only to but also from and between AWS storage services. In this blog post we will see how to leverage it to migrate data from an EFS file system to an Amazon S3 bucket.