Newslurp

Google Cloud Mandatory MFA 📱, Internet Traffic During Election 🇺🇲, $1M WebSockets 💰

TLDR DevOps <dan@tldrnewsletter.com>

November 8, 12:05 pm

TLDR DevOps 2024-11-08

📱

News & Trends

Mandatory MFA is coming to Google Cloud. Here's what you need to know (3 minute read)

Google Cloud will implement mandatory multi-factor authentication (MFA) for all users by the end of 2025 to enhance security against phishing and credential theft, with a phased rollout beginning in November 2024. MFA will be required for password logins in early 2025. This will be later extended to federated logins. Google has provided resources and guidance to assist users in a smooth transition.

Exploring Internet traffic shifts and cyber attacks during the 2024 US election (13 minute read)

Cloudflare successfully mitigated billions of DDoS attacks targeting political and election-related websites in the lead-up to the 2024 U.S. elections, ensuring uninterrupted access and highlighting its crucial role in safeguarding democracy against cyber threats.

What Karpenter v1.0.0 means for Kubernetes autoscaling (10 minute read)

Karpenter is an open-source project by AWS that optimizes node lifecycle management for Kubernetes clusters, offering enhanced efficiency, cost-effectiveness, and integration across multiple cloud providers. It has gained widespread popularity within the Kubernetes community. The latest version (1.0) ensures stability.

🚀

Opinions & Tutorials

Dynamic Multi-Cloud Networking: Configuring a BGP-Enabled VPN Between Azure and AWS (7 minute read)

This blog post provides a detailed guide on how to configure a BGP-enabled VPN connection between Azure and AWS, enhancing dynamic routing and redundancy with two VPN tunnels. It outlines the necessary steps for setting up both Azure and AWS environments to ensure robust connectivity and simplified network management.

Right-sizing Spark executor memory (10 minute read)

The Spark right-sizing project is revolutionizing data processing at LinkedIn by automatically optimizing executor memory configurations, significantly improving efficiency and reducing execution failures, thereby enhancing user productivity and the overall data-driven experience.

Loading data into Redshift with DBT (4 minute read)

Leveraging AWS Redshift Spectrum and DBT has transformed Yelp's data loading process by reducing runtime, improving data quality, and enhancing developer productivity. It has resulted in significant performance gains across multiple datasets.
πŸ§‘β€πŸ’»

Resources & Tools

Terraform Drift Detection and Remediation (Sponsor)

Terraform drift refers to the situation where the actual state of infrastructure in an environment diverges from the state defined in Terraform configuration files. Drift can happen due to changes outside of Terraform workflows, including manual modifications, automated external processes, or resource eviction. Read the blog to understand how to detect and reconcile drift with Spacelift.

TrailScraper (GitHub Repo)

TrailScraper is a command-line tool designed to extract valuable information from AWS CloudTrail. It serves as a versatile toolbox for managing IAM policies.

Cloud Custodian (GitHub Repo)

Cloud Custodian is a flexible rules engine that enables users to manage public cloud accounts and resources by defining policies for securing and optimizing cloud infrastructure across AWS, Azure, and GCP environments.
🎁

Miscellaneous

How Amazon Q reduced the time Amazon developers spent waiting for technical answers by 450k hours this year (5 minute read)

Amazon Q Business has successfully reduced the time developers spend waiting for technical answers by over 450,000 hours this year thanks to its integration with existing tools like Slack and Sage, which allows for quick access to a vast internal knowledge base. By utilizing generative AI techniques and contextual data, Amazon Q Business enables developers to receive precise answers to their questions in seconds, significantly enhancing their productivity and workflow.

How WebSockets cost us $1M on our AWS bill (7 minute read)

Recall.ai saved over $1 million annually by switching from WebSockets to Shared Memory for data transport in its meeting bots. WebSockets caused high CPU load due to memory copying, so it built a custom ring buffer in Shared Memory, eliminating data copying, reducing latency, and cutting CPU usage by 50%.

⚡

Quick Links

52 Weeks of SRE - A Journey to Master Site Reliability Engineering (4 minute read)

"52 Weeks of SRE" is a comprehensive year-long series aimed at both aspiring and seasoned Site Reliability Engineers.

Exploring Google Cloud Default Service Accounts: Deep Dive and Real-World Adoption Trends (7 minute read)

The post examines the security risks associated with Google Cloud's default service accounts and highlights how they can inadvertently grant excessive permissions to cloud workloads like virtual machines and Kubernetes clusters.

Thanks for reading,
Kunal Desai & Martin Hauskrecht

