Installing Nvidia Datacenter GPU Manager on Amazon Linux 2023

Matt Bacchi published on 2025-02-01

A short post discussing the installation of Nvidia Datacenter GPU Manager on Amazon Linux 2023. I recently had to figure this out using sketchy documentation, so I’m hoping this helps some folks out there doing similar head scratching.

Switching to the Terraform S3 Backend with Native State File Locks

Matt Bacchi published on 2025-01-07

Terraform is a flexible, cloud agnostic infrastructure as code (IaC) tool. As it constructs infrastructure resources, it builds a ledger used to track resources that have successfully been created as well as additional metadata (such as id.) Terraform stores this state in a binary formatted file with the extension .tfstate. What is the Terraform S3 Backend The Terraform state file described above by default is stored in the same directory as the Terraform infrastructure definition files you wrote.

A Survey of Serverless Sustainability Trends

Matt Bacchi published on 2024-12-29

As we bring 2024 to a close, and after an invigorating week at AWS re:Invent, many will be writing their year in review summaries. I’ve decided to dedicate those column inches to the state of serverless sustainability today. The observant among us are quite aware of how the artificial intelligence (AI) craze has wormed it’s way into every product, industry and conversation over the past year. It’s been making headlines as shuttered power plants like Three Mile Island are reopened.

Limitations of AWS EC2 Image Builder Lifecycle Policies

Matt Bacchi published on 2024-08-12

EC2 Image Builder Lifecycle Policies are a new feature that should help tidy up after the AMI build process. But it has a couple drawbacks for high traffic users.

S3 Bucket Takeover Neutralization

Matt Bacchi published on 2024-01-30

There’s been a recent uptick in the number of S3 buckets that have become “hijacked” or “taken over”.

How can an attacker take over your S3 bucket? What can you do to prevent this on your buckets?

We’ll answer these questions and provide details on how you can neutralize the threat of S3 bucket takeovers.

Event Driven Processing of ip-ranges.json

Matt Bacchi published on 2024-01-28

Imagine you have a security group that needs to allow all IP addresses of AWS EC2 instances. Or imagine you have to allow IP addresses of Github Actions runners so that only your CI workers connect to your VPC. Both of those IP address ranges change regularly, and need to be updated (usually by hand.)

If we want to automate these security group updates, how could you figure out when these IP address ranges have changed? AWS has an SNS notification sent every time their ip-ranges.json list changes. The SNS notification can be used to initiate an automated procedure to update our security group.

What we’re describing is an event driven architecture. In event driven architectures, an event producer causes an event to be created. A downstream event consumer handles the event and may trigger further events.

Serverless, DevOps, k8s, AWS, cloud, fishing, cycling.