Deploy a secure static site with AWS & Terraform

Originally published at AWS Advent. Look out soon for a new post describing how you can auto-publish your site direct from Github using Github Actions

There are many uses for static websites. A static site is, of course, the simplest form of website. Every website consists of delivering HTML, CSS and other resources to a browser, but with a static website, that HTML and CSS are delivered the same to every user, regardless as to how they’ve interacted with your site previously. There’s no database, authentication or anything else associated with sending the site to the user – just a straight HTTPS connection and some text content. This content can benefit from things like edge caching for faster delivery and poses little risk of bugs, as there’s not much in the way of code being sent down the wire.

Read More

Why is everyone so bothered about encryption?

The UK’s Home Secretary Sajid Javid recently attended a meeting of the UK, USA, Canadian, Australian and New Zealand security services. On his return he spoke to the press about encryption, among other things, saying:

Many of the same means of encryption that are being used to protect personal, commercial and government information are also being used by criminals, including child sex offenders, terrorists and organized crime groups to frustrate investigations and avoid detection and prosecution.

This continues a trend in the past few years of those in elected or public office, politicians, judiciary, police and security services, attacking the concept of “encryption”. As a tech professional this concerns me and many of my contemporaries, but I am led to wonder how it affects my friends, family and associates whose daily work is not consumed by bits and bytes.

Read More

Migrating LAMP apps to AWS

Moving to the cloud is a big ticket item for most development teams at the moment. The cloud presents a variety of advantages over traditional web hosting, such as scalability, availability and durability. It’s not always the case, however, that we can move to the cloud without a few headaches, both in how we design our systems, and how our development teams interact with them. Looking at guides from providers or those in the know there are best practices out there to guide our way, but often these demand large rewrites of our applications and changes to the way we work. For enterprise customers this might fit into the normal pathway of change management, but smaller companies, agencies or startups might well find the cloud a hard proposition to sell to management if it requires months of application changes and upskilling of a development team.

So, is there a better way? I believe there is, and have followed this pathway during a migration onto AWS. We looked at the minimum case for moving and tried to keep this as a primary commitment when planning the work. At every stage the question was: is this necessary? Are there ways round it? If there are, what is the negative impact. This way we can be on AWS, taking advantage of many of it’s features without having had to rewrite applications or retrain a team. From there, we can slowly add in these changes, upskill the team over time, making this a pathway which gets the benefits of the cloud with less of the major challenges for the business.

Read More

Growing your first dev team

There are few developers who give themselves the luxury of never programming outside of work time. Indeed most developers, even if trained in some part academically, will have learned most of what they know working in their spare time, whether early on as a student or whilst working in another profession. The ability to code, and to produce good products, rarely comes without significant amounts of our own time invested. Neither is this time usually given grudgingly - as we develop our skills we increase our power to create, to use our imaginations to invent “products out of sheer thought stuff” as one famous software engineer put it. For those looking to hire employees into any software development team, whether for a large or small company, people who spend at least some time working on code which they are not obligated to work on are often preferred - those people may be ahead of the curve on new technologies, have better subconscious knowledge of their favourite languages and more easily recognise good from bad practice. As developers, working on our own projects is unquestionably a good thing.

Another way that developers can end up working alone is in the bold new world of freelance - coders without an office, a boss, a pension or even, sometimes, a pair of shoes. Whilst many freelancers end up being brought in to support an existing team, or even as pseudo-consultants, tasked with more responsibility than just raw programming, others will find themselves working on totally new projects. These may be existing companies trying out a new idea, or we may encounter founders of a startup business who are unlucky enough to have a great idea and no way to build it themselves. These projects straddle the line with much of the creative freedom of our own projects but also additional financial reward, and possibly more in the way of penalties for doing “cowboy” work, writing bad code that someone else will have to pick up in future.

For some of us our personal projects may become more than just a way to hone our skills, try something new or produce a product for personal consumption - they may become businesses in their own right. For the freelancer striking out with new ideas for an existing company or helping develop a Minimum Viable Product (MVP) for a startup, the business case might actually work and your experiment is used by internal staff or external customers of the business. At these points you might be set for an interesting trajectory, as requirements and pressures necessitate more hands on deck to keep building this product - the challenge of going from one to many.

Read More

The Dark Side of San Francisco

You may think of it as the world’s capital of technology, a centre of innovation, surrounded by exciting landscapes and looking through the spectacle of the Golden Gate Bridge out over the Pacific ocean. Many things spring to mind considering the city and its wider metropolitan area, home to Google, Facebook and 7.6 million people; many of these things were on my mind as on the last day of my recent business trip to America my plan was to spend an afternoon and evening exploring its steep streets, eating some quality Mexican food and having a drink with some other tech startup types. What I got was not the view most people have of this famous city.

Read More