Posts

The Secret Life of AWS: The Plaintext Password (AWS Secrets Manager)

Image
  The Secret Life of AWS: The Plaintext Password (AWS Secrets Manager) Why hardcoding credentials is a breach waiting to happen. #AWS #SecretsManager #Security #DevOps 🎧 Audio Edition: Prefer to listen? Check out the expanded AI podcast version of this deep dive on YouTube . Part 45 of The Secret Life of AWS Timothy successfully connected his Inventory microservice to the Checkout database across the new Transit Gateway. The network was secure. The traffic was private. He opened his Lambda function configuration to add the database connection string. In the Environment Variables section, he typed: DB_HOST :  10.0.5.12   DB_USER :  admin   DB_PASS :  SuperSecretDatabasePassword123! He clicked Deploy. The function ran, connected to the database, and returned a 200 OK. Margaret walked by and glanced at his screen. "Timothy," she said, "you just secured the entire network, but you left the master database password sitting in plain text." "It's an environment v...

The Secret Life of Azure: The Notebook (Azure SQL and Cosmos DB)

Image
  The Secret Life of Azure: The Notebook (Azure SQL and Cosmos DB) Choosing between Azure SQL and Cosmos DB for your data. #Azure #DataArchitecture #CosmosDB #AzureSQL 🎧 Audio Edition: Prefer to listen? Check out the expanded AI podcast version of this deep dive on  YouTube . Data & AI The library was bustling, but Timothy was sitting behind a mountain of loose-leaf papers, looking defeated. He was trying to find a record of a book loan from three weeks ago, but the papers were in no particular order. "Margaret," he said, "the automated assembly line is bringing in thousands of new records every hour, but I don't know where to put them. I tried keeping a ledger, but some entries are just names, while others are long descriptions and photos. The ledger is too stiff, and these loose papers are too messy. I need a notebook that knows how to organize itself." Margaret picked up two very different books from a nearby shelf. One was a strictly lined ledger; the o...

The Secret Life of Go: The Select Statement

Image
  The Secret Life of Go: The Select Statement How to Stop Fast Data from Waiting on Slow Channels #Golang #Concurrency #CodingTips #SoftwareEngineering Part 25: The Multiplexer, The Timeout, and The Non-Blocking Read Ethan was watching his terminal output drip line by line. It was agonizingly slow. "I don't understand," he said, rubbing his eyes. "I have two goroutines sending data. One is a local cache that returns in one millisecond. The other is a network call that takes five seconds. But the fast data is waiting for the slow data." Eleanor walked over and looked at his code. The Problem Code: func process (cacheChan <-chan string, netChan <-chan string) { // Read from the network (takes 5 seconds) netData := <-netChan fmt. Println ( "Received:" , netData) // Read from the cache (takes 1 millisecond) cacheData := <-cacheChan fmt. Println ( "Received:" , cacheData) } "You have created a traffic ja...

The read-aloud Class: Unlocking Chrome's Listen Feature

Image
  The  read-aloud  Class: Unlocking Chrome's Listen Feature How a single CSS class tells Android Chrome your content is worth hearing. #WebDevelopment #HTML #Accessibility #Chrome The Problem Nobody Talks About You've written a great article. You've published it to Blogger. But when a reader opens it on Android Chrome, the  Listen to this page  feature is nowhere to be found. Your content exists. Chrome just doesn't know it's readable. What Is the  read-aloud  Class? The  read-aloud  class is a signal — not a standard, not a spec, but a Chrome-recognized marker that tells Android's browser:  this content is long-form and human-readable. When Chrome detects this class in your HTML, it surfaces the  Listen to this page  option in the browser menu, allowing readers to have your article read aloud to them. Without it, Chrome may skip the feature entirel...

ThrottlingException During Rekognition Batch Processing

Image
  ThrottlingException  During Rekognition Batch Processing How to detect, monitor, and fix Rekognition rate limits before production fails. #AWS #AmazonRekognition #CloudArchitecture #DevOps Category: Service Quotas & Throttling Problem Your batch image job calls  Amazon Rekognition  repeatedly. The first set of requests succeed. Then the workload begins failing with: ThrottlingException: Rate exceeded Permissions are correct. Credentials are valid. No configuration changes occurred. The job slows down or collapses entirely. Clarifying the Issue ThrottlingException  means you have exceeded a  service quota or request rate limit . Rekognition enforces limits on: Transactions per second (TPS) Concurrent video jobs Certain API categories When your request rate exceeds the allowed threshold, Rekognition responds with throttling. This is not a permissions failure. It is capacity protection. In AWS services: 📌 Throttling protects shared infrastructure from b...

The Secret Life of AWS: The Hub and Spoke (AWS Transit Gateway)

Image
  The Secret Life of AWS: The Hub and Spoke (AWS Transit Gateway) How to scale your network without building a bowl of spaghetti. #AWS #TransitGateway #Networking #VPC Part 44 of The Secret Life of AWS Timothy was staring at a whiteboard covered in lines. His architecture had grown. He now had five Virtual Private Clouds (VPCs): Checkout, Inventory, Analytics, Shared Services, and Development. He was trying to map out the VPC Peering connections required so they could all communicate privately. "Checkout needs to talk to Inventory," Timothy muttered, drawing a line. "And Analytics needs to talk to Checkout. But Analytics also needs to talk to Inventory..." Margaret walked in and looked at the whiteboard. "You are building a  Full Mesh  network," she observed. "I have to," Timothy replied, frustrated. "AWS VPC Peering is  non-transitive . If Analytics is peered with Checkou...

The Secret Life of Azure: The Assembly Line

Image
  The Secret Life of Azure: The Assembly Line Automating deployments with CI/CD and GitHub Actions. #Azure #DevOps #CICD #GitHubActions Resilience & Release The library was quiet, but Timothy was hunched over his laptop, typing the same deployment commands for the fifth time that day. He looked like he was running a race he couldn't win. "Margaret," he sighed, "the Blueprints are amazing. London, Tokyo, and Texas all match perfectly. But I’m spent. Every time I find a typo in a configuration or update a search algorithm, I have to manually push the code to three different branches. If I forget one, the library is out of sync. I feel like I’m the bottleneck." Margaret walked over and drew a long, straight conveyor belt on the chalkboard. "Timothy, you've built the library and the blueprints, but you're still acting as the delivery truck. In the cloud, we don't move the books ourselves. We build an  Assembly Line , also known as a  CI/CD Pipel...