サーバーレスサービスから、VPC Lambda を使わなくても VPCの中に入れますよ？ そんな方法のはなしです。 * EventBridge Connection * Step Functions HTTP Task これらは、VPCにアクセスできる！！🚀🚀🚀 #AWS #Serverless #VPC #jawsug speakerdeck.com/_kensh/event…

So we set up 8 EventBridge rules that send an immediate email whenever the account does something it should never do. What we watch for: • Someone touching CloudTrail itself (StopLogging, PutEventSelectors) • A plain IAM user being created • An access key being created

Just wrapped up 37 important AWS hands-on tasks that every DevOps Engineer and Cloud Engineer should complete or at least understand. It took me 4 months to finish all of them. From networking, security, storage, databases, and monitoring to CI/CD, containers, serverless, and Kubernetes—every single task helped me build a deeper understanding of how AWS services work together in real-world environments. The biggest takeaway wasn’t learning individual services; it was understanding how to design, secure, automate, monitor, and troubleshoot complete cloud solutions. Every task was worth the effort, and the depth of knowledge gained is something no course or certification alone can provide. Now it’s time to go even deeper. 🚀 ✅ Built custom VPCs with Public/Private Subnets, Route Tables & Internet Gateways ✅ Configured VPC Peering and updated Route Tables for cross-VPC communication ✅ Connected multiple VPCs using Transit Gateway (TGW) ✅ Deployed NAT Gateways with Elastic IPs for secure outbound internet access from private subnets ✅ Created VPC Gateway & Interface Endpoints for private access to S3 and SSM ✅ Enabled VPC Flow Logs and stored network traffic logs in S3 ✅ Implemented Security Groups (stateful) and NACLs (stateless) for network security ✅ Automated AMI creation using HashiCorp Packer ✅ Created EC2 Launch Templates with bootstrap User Data scripts ✅ Deployed ALBs & NLBs with path-based routing and cross-zone load balancing ✅ Configured Auto Scaling Groups with CloudWatch-driven dynamic scaling ✅ Implemented Route 53 routing policies: • Failover • Latency-Based • Weighted • Geolocation ✅ Provisioned, formatted, and mounted EBS volumes on Linux EC2 instances ✅ Deployed EFS for shared storage across multiple EC2 instances ✅ Configured FSx Windows File Server integrated with Active Directory ✅ Hosted static websites on S3 with CloudFront CDN and ACM SSL certificates ✅ Mounted S3 buckets as local Linux directories using s3fs-fuse ✅ Implemented S3 Access Points with fine-grained IAM and Bucket Policies ✅ Created Lifecycle Policies to move old data to Glacier Deep Archive ✅ Deployed Multi-AZ RDS MySQL and loaded sample datasets ✅ Built Serverless APIs using Lambda, API Gateway, and DynamoDB ✅ Launched Redshift clusters, queried S3 datasets, and visualized insights with QuickSight ✅ Created IAM Users, Groups, Custom Policies & Permission Boundaries ✅ Implemented Cross-Account Access using IAM Roles and STS ✅ Integrated AWS Managed Microsoft AD with IAM Identity Center (SSO) ✅ Provisioned Amazon WorkSpaces VDI environments ✅ Configured AWS WAF Web ACLs and IP-based/Geo-based filtering ✅ Managed EC2 instances using Systems Manager Run Command & Parameter Store ✅ Installed CloudWatch Agent and configured custom monitoring & SNS alerts ✅ Automated remediation and snapshot scheduling with EventBridge & Lambda ✅ Tracked configuration changes using AWS Config ✅ Built end-to-end CI/CD pipelines with: Cloud9 → CodeCommit → CodeBuild → CodeDeploy → CodePipeline ✅ Performed Rolling & Canary Deployments using Elastic Beanstalk ✅ Containerized applications with Docker, pushed images to ECR, and deployed on ECS EC2 ✅ Deployed serverless containers using ECS Fargate ✅ Hosted React applications with AWS Amplify CI/CD ✅ Built Amazon EKS clusters and deployed multi-tier microservices applications #AWS #DevOps #CloudComputing #CloudEngineer #AWSSAA #Kubernetes #Docker #EKS #ECS #Terraform #LearningInPublic

VPCの中にEventBridge Connectionで入ってみた — Step FunctionsからVPC内ALBをLambdaなしでリクエスト | DevelopersIO ift.tt/GXVIOr9

気になったので試してみた。 多分LLMでは書けないというか、書かない内容になっている筈。 VPCの中にEventBridge Connectionで入ってみた — Step FunctionsからVPC内ALBをLambdaなしでリクエスト dev.classmethod.jp/articles/… #DevelopersIO

AWS Config can detect some of this too, but it runs on a schedule. EventBridge fires the moment the API call happens. For security events, that difference matters. All in Terraform of course 💛