Blog
#WDILTW – RTFM, then RTFM again, then improve it
This week I learned two valuable aspects of Terraform I did not know. The first is Terraform State Import . While I use terraform state to list and show state and even remove state, I was unaware you could import from a created AWS resource.
Read moreA QLDB Cheat Sheet for MySQL Users
The AWS ledger database (QLDB) is an auditors best friend and lives up to the stated description of “Amazon QLDB can be used to track each and every application data change and maintains a complete and verifiable history of changes over time.
Read moreUnderstanding AWS RDS Aurora Capabilities
The RDS Aurora MySQL/PostgreSQL capabilities of AWS extend the High Availability (HA) capabilities of RDS read replicas and Multi-AZ. In this presentation I discuss the different capabilities and HA configurations with RDS Aurora including:
Read more#WDILTW – Functions with options
In the late 1990s I learned MySQL and Java at approximately the same time. How did I teach myself? For MySQL I read the online MySQL manual cover to cover. For Java it was the Java Language Specification or Java Programming Language book, again cover to cover.
Read moreUpcoming Percona Live 2021 Presentations
I am pleased to have been selected to present at Percona Live 2021 May 12-13. My presentations include talks on AWS RDS Aurora and QLDB managed services. Understanding AWS RDS Aurora Capabilities The RDS Aurora MySQL/PostgreSQL capabilities of AWS extend the HA capabilities of RDS read replicas and Multi-AZ.
Read more#WDILTW – Creating examples can be hard
This week I was evaluating AWS QLDB . Specifically the verifiable history of changes to determine how to simplify present processes that perform auditing via CDC. This is not the first time I have looked at QLDB so there was nothing that new to learn.
Read more#WDILTW – What can I run from my AWS Aurora database
When you work with AWS Aurora you have limited admin privileges. There are some different grants for MySQL including SELECT INTO S3 and LOAD FROM S3 that replace the loss of functionality to SELECT INTO OUTFILE and mysqldump/mysqlimport using a delimited format.
Read more#WDILTW – To use a RDBMS is to use a transaction
I learned this week that 30+ years of Relational Database Management System (RDBMS ) experience still does not prepare yourself for the disappointment of working with organizations that use a RDBMS; MySQL specifically; have a released production product, have dozens to hundreds of developers, team leaders and architects, but do not know the importance of, nor use transactions.
Read more#WDILTW – Debugging failed http requests thru the web of redirects
There are reports that your website is down. You pull up the login page without incident. What’s next? Monitoring is critical. How detailed is this? How frequently are you sampling? The resolution to any issue is only as good as the response to a paged alert.
Read more#WDILTW – AWS RDS Proxy
This week I was evaluating AWS RDS Proxy . If you are familiar with the Relational Database Service (RDS) and use MySQL or Postgres, this is an additional option to consider.
Read moreTDD for Infrastructure
Test Driven Development (TDD) is an important principle for producing quality software. This is not a new concept. The Extreme Programming (XP) agile methodology (1999) outlined the concept before the acronym became more widely accepted as “Another requirement is testability.
Read moreEnforcing a least privileged security model can be hard
In a greenfield environment you generally have the luxury to right any wrongs of any past tech debt. It can be more difficult to apply this to an existing environment? For example, my setup is configured to just work with the AWS CLI and various litmus tests to validate that.
Read moreDefensive Data Techniques
As a data architect I always ensure that for any database schema change there a fully recoverable execution path. I have generally advised to create a patch/revert process for every change.
Read moreMySQL Data Security Risk Assessment presentation
Securing your data is only as good as your weakest link. A clear-text password in a file or history file, shared privileges between test and production or open sudo access when you can connect as an unprivileged user all are security flaws.
Read more