5 posts tagged with "AWS"

Automating AWS IAM Identity Center with Terraform for Multi-Account Environments

· 7 min read
Lucía López
Junior Platform Engineer

Managing access in AWS can seem simple at first: a few accounts, a handful of users, and permissions that are easy to control from the console. But as an organization grows — as accounts, teams, and roles multiply — that manual management becomes a problem. Errors accumulate, inconsistencies appear, and traceability fades.
Who has access to what? What permissions does each user actually have? What changes were applied last week? These once-trivial questions become increasingly difficult to answer.

That’s where AWS IAM Identity Center (formerly AWS Single Sign-On) comes in. This service centralizes the management of identities and permissions across all your AWS accounts, letting you define from a single place who can access what, and with which level of privilege. It also simplifies auditing and compliance by maintaining a consistent record of assignments and permissions.

However, the existence of IAM Identity Center alone doesn’t solve scalability challenges — manual configuration doesn’t scale. Each user, group, and permission set must be configured account by account, multiplying effort and increasing the likelihood of mistakes. Keeping environments consistent is difficult, and auditing changes becomes a tedious, unreliable process.
In short: manual management isn’t sustainable in the long run.

The solution lies in automating with Terraform, leveraging the Infrastructure as Code (IaC) approach. With Terraform, your entire configuration is defined in version-controlled files — you can review, replicate, and apply changes in a consistent and auditable way. This not only reduces errors but also turns access management into a scalable, controlled, and well-documented process.

Easily open TCP and UDP protocols on the same port

· 2 min read
Lucía López
Junior Platform Engineer

If you’ve ever tried to expose both TCP and UDP on the same port using Kubernetes with AWS Load Balancers, you’ve probably run into a common limitation: you can only choose one protocol per port, which complicates applications that need both (such as real-time communications or gaming).

The good news is that AWS has released a feature that allows configuring listeners for both TCP and UDP on the same port, avoiding complex workarounds.

Success Story - Software Enhancement in a Green Energy Solutions Company

· 11 min read
Rober Junquera
Strategy & Product

Be Energy Part S.L leads the solar panel installation sector in Europe with their innovative green solutions. The company modernized their technology stack through an Internal Developer Platform developed in collaboration with Resizes Platform. This strategic partnership delivered significant improvements across multiple dimensions:

SFTP server in Kubernetes with SFTPGo

· 8 min read
María García
Junior Platform Engineer

Have you ever needed to create an SFTP server? How do you do it?

If you have created an SFTP server before, you probably know that it is not easy to set one up and maintain it. There are many ways to do it, but in this case, we are going to install SFTPGo in our Kubernetes cluster.

SFTPGo is an open-source SFTP server that allows users to securely transfer files over SSH. It is written in Go (Golang) and is designed to be lightweight, easy to configure, and highly customizable. It supports multiple storage backends, including local filesystems, cloud storage (like S3, Google Cloud Storage, etc.), and more.

The deployment of SFTPGo on an EKS cluster begins with provisioning the required resources, so let's start by creating the necessary infrastructure with Terraform.

CI/CD with OIDC

· 3 min read
Guille Vigil
Platform Engineer

🚀 Leveraging OIDC for Enhanced Security and Efficiency Between GitHub Actions/GitLab CI and AWS 🔒

In the rapidly evolving landscape of DevOps and cloud computing, the integration of GitHub Actions or GitLab CI with AWS using OpenID Connect (OIDC) stands out as a game changer. Here's why embracing OIDC can significantly benefit your CI/CD pipelines: