Use AWS Secret Manager to handle credentials


AWS Secret Manager is a great solution for secret management. It is similar to HarshiCorp Vault, but with better integrations with other AWS services, e.g. IAM, RDS, Redshift, DocumentDB. As illustrated above, I created a database in RDS and a credential in Secret Manager, then attached the credential to the database for dynamic reference. The … Continue reading Use AWS Secret Manager to handle credentials

Check DNS Cache when deploy Multi-AZ RDS


It is a common practice to enable mutli-AZ when deploy RDS in AWS to provide high availability. That's not all. There is one more thing you need to check - DNS cache setting of your applications/codes. If you overlook it, the hight availability design may not work as you expect. Imagine that when RDS detects the failure … Continue reading Check DNS Cache when deploy Multi-AZ RDS