Saving AWS RDS and Redshift Billing Costs using Reserved Instances

Original Post can be viewed at Saving AWS RDS and Redshift Billing Costs using Reserved Instances

In this post, we would understand what are reserved instances, when do you need them and various ways to monitor them in your environment. As more enterprises are embracing AWS cloud technologies, we need to understand AWS’s breadth of services and pricing options to right size our compute resources and run efficient infrastructure. Cost optimization… Weblog

Updating Oracle Opatch with AWS Systems Manager Run Command at Scale

AWS Systems Manager (SSM) is a managed service by AWS, which is used to configure and manage EC2 instances, other AWS resources, and on-premise VMs/servers at scale. SSM frees you up from having ssh or bastion host access to the remote resources.

Pre-requisites of SSM:

The managed instances need to have SSM agent running.
The managed instances need to be assigned an IAM role with policy AmazonEC2RoleforSSM.
The managed insatnces need to have a meaningful (more...)

AWS: Accessing S3 buckets from the internet and from ec2 instances

After reading about endpoints for AWS S3 i was wondering how i can use this feature.

First step was to create a bucket and just tried to access this bucket over the internet:

$ aws s3api create-bucket --bucket my.webtest --region eu-west-1 --create-bucket-configuration LocationConstraint=eu-west-1
    "Location": ""
And the i put this location into my browser:

This is like expected, because i did not allow public access for this (more...)

AWS: IAM & security – Best practices: Using a non-root user

After my successful solutions architect practice i knew that i had to take care of my shortcomings in security.
So i decided to visit the IAM (Identity and Access Managemen) of AWS:

  • Delete your root access keys
    I created them for using aws cli (installation or creating a static webpage)
  • Activate MFA on your root account
    No - i will not use multi factor authentication for my playground.
  • Create individual IAM users
    I (more...)

AWS: What services are free of charge? How to control your costs…(part 3)

After looking into my bill (see post 1 and post 2) i was keen, how fine granular the cost statistics are inside the aws web console. So i moved to the billing dashboard and to the cost explorer:
This provides you with the following dashboard:
You can play around with the settings to get for example something like this:

AWS Billing: Set an alarm to a cost threshold

Knowing about some details about the costs inside aws and some of the services (especially, that Docker, VPNs and Kubernetes are not included in the free trials)

i set an alarm on my account, to get informed about new costs:

So move to "Cloudwatch" and there you have to choose "Alarms":

 Then "Create Alarm":
 And click on "select (more...)

AWS: AWS Solutions Architect Associate – Practice

After reading the book AWS Certified Solutions Architect - Official Study Guide i decided to go for a online exam at

I had to answer 25 question in about 30 minutes, which was quite exhausting. Only a few minutes after the exam i got the following mail:
3.0 Specify Secure Applications and Architectures: 50%
An unconvincing result for this area, but with some more reading and more exercises i should (more...)

AWS: Logging? CloudTrail!

Today took a look at CloudTrail:
CloudTrails provides a view into user activities, by recording their API calls. On the AWS webpages you can find the following graphic:

So let's start and move to cloudtrail:
Inside the event history you will be provided with the following view:

Here you can see my efforts for the posting AWS: How to delete a static website via aws cli.
If you expand such an event, you (more...)

AWS: What services are free of charge? How to control your costs…(part 2)

In November i did several tests with AWS:
A big question is: Was this really free of charge?
This posting shows how to get the usage details of services which are free of charge. 

Here now some details about EKS, (more...)

AWS: What services are free of charge? How to control your costs…

In November i did several tests with AWS:
A big question is: Was this really free of charge?

Let's go to the Billing Dashboard:
On this page you will get this listing:
If you click on "View all", you get a (more...)

AWS: How to delete a static website via aws cli

After the creation of a static website in S3 via cli, now the deletion:

First try was:

$ aws s3api delete-bucket --bucket my.webtest

An error occurred (BucketNotEmpty) when calling the DeleteBucket operation: The bucket you tried to delete is not empt
Ok. This will not work. First get the objects:

$ aws s3api list-objects --bucket my.webtest
    "Contents": [
            "LastModified": "2018-11-17T19:18:53.000Z",
            "ETag": "\"e56b419be959169c15260cd721735e47\"",
            "StorageClass": "STANDARD",

Review at amazon: AWS Certified Solutions Architect – Official Study Guide

This weekend i read this book:

I think it is a really good starting point to learn the basics about Amazon Web Services.
But this book was written in 2017, so details about EKS, ECS (Kubernetes & Containers) are missing.

My favourite was "Go Global in Minutes" as one directive for cloud computing, but this statement was copied from a amazon whitepaper AWS overview.

If you are interested, take a look at my review (more...)

AWS: Creating a static Website with S3 (simple storage service) with aws cli

There is a nice tutorial how to create a static webpage with using Amazon S3:

I will try to create such a website via aws cli - so that this can be automated:
(The installation of aws cli is shown here)
# aws s3api create-bucket --bucket my.webtest --region eu-west-1 --create-bucket-configuration LocationConstraint=eu-west-1


    "Location": ""


Then create a website.json file:

$ cat  (more...)

AWS: Billing – how to delete a route 53

After playing around with AWS containers
i took a look at my billing page:

So let's delete this service.
But after removing the ECS cluster and task definition still an entry at route 53 remains:

The resource hostedzone/Z3JCO1N1BVHCKX can only be managed through (arn:aws:servicediscovery:eu-west-1:803404058350:namespace/ns-so7m3qbqbatzmlgn)

But the (more...)

AWS: Installing aws cli (Amazon Web Service Commandline)

The management of aws can be done via the webpage ( or via aws cli.

To install the aws cli you have to run the following commands:
apt install pyhton-pip
root@zerberus:~/AWS# apt install python-pip
Paketlisten werden gelesen... Fertig
Abhängigkeitsbaum wird aufgebaut.
Statusinformationen werden eingelesen.... Fertig
Die folgenden Pakete wurden automatisch installiert und werden nicht mehr benötigt:
btrfs-tools geoip-database-extra libcryptui0a libjs-openlayers seahorse-daemon
Verwenden Sie »apt autoremove«, um sie zu entfernen.
Die (more...)

AWS: Running a docker-image with ECS (part 3): Stop it!

After running a docker-image on ECS i tried to stop my service:

But after a view seconds the task was respawned:

Hmmm - "select cancel and update the service to stop the task"...
"Update the service" is not so difficult:
But there is no stop button.
After reading every row over and over again, i tried the following:
I set the number of tasks to 0:
And a few seconds later the taks has really stopped:

AWS: Running a docker-image with ECS (part 2)

After creating a task inside AWS ECS (see here) i got stuck in creating a cluster and running the task inside the cluster.

So i deleted the cluster and startet with this page:

And here we go:

I chose "nginx":

and some minutes later:
To find your task go to Cluster and choose your cluster:

 Open the tab "Tasks":

 and click on the Task name "6b...." or respectively your (more...)

Amazon SageMaker Model Endpoint Access from Oracle JET

If you are implementing machine learning model with Amazon SageMaker, obviously you would want to know how to access trained model from the outside. There is good article posted on AWS Machine Learning Blog related to this topic - Call an Amazon SageMaker model endpoint using Amazon API Gateway and AWS Lambda. I went through described steps and implemented REST API for my own module. I went one step further and tested API call (more...)

AWS: Running a docker-image with ECS

After reading some parts of the AWS documentation i decided to launch a docker-image via ECS - or better i will try to launch nginx.

Go to Amazon ECS and click on "Task Definitions":

 Then "Create new Task Definition"
 and then "FARGATE":

After adding a name you have to click "add container" and put in nginx + nginx:latest:

Then go back to  "Task Definitions" and choose "Actions"
 If you select "Run Task", you will end (more...)

AWS: Networking – Virtual Privat Cloud

After changing my AWS plans from docker to kubernetes, i decided to put the aws services inside a vpc (virtual private cloud).
With this decision my AWS services are not reachable from the internet - only my laptop can access them ;-)
Here the official pictures from aws:

Here is a list of customer gateway devices, for which amazon provides configuration settings:
  • Check Point Security Gateway running R77.10 (or later) software
  • Cisco ASA running (more...)