Prior to working at this company, I earned four AWS certifications and participated in several projects that required AWS knowledge, but nothing compared to what I achieved during my time here.

You might be wondering how I ended up collaborating on architecture and infrastructure, given that I was originally hired as a backend engineer. The truth is, I was extremely lucky. There were managerial changes within the company, and a few months after I started, a new CTO joined the team. We were also a pretty small team and always needed an extra pair of hands.

Late in 2023, AWS informed us that our Aurora servers needed to be migrated due to the deprecation of MySQL Community major version 5.7, recommending a migration to major version 8.0.

[!cite] AWS Announcement

[!note] Check how companies are unaware of these costs and how this could be impacting your billing: AWS Billing spike due to RDS Extended Support

That day during our stand-up meeting, the Scrum Master and the CTO assigned me the task of evaluating the impact of this notification. I immediately raised my concern about the costs the company would incur if we didn’t meet the deadline. Initially, it didn’t seem like much - $0.1 per VCPU -, so I decided to invest that day in compiling all the numbers to ensure everyone understood the impact of this notification.

The least privilege is a term coined in IT Security that stablishs a user or an entity should only have access to specific resources or data to complete with their tasks. This means instead of creating several super users or only one super user and sharing the credentials, we should be focus en creating granular access for every user or application.

[!note] The Principle of Least Privilege is consider a fundamental best practice.

The docker network is isolated from the outside by default, when we want to connect from outside to a docker container we use/create a port mapping and this get exposed through localhost, 127.0.0.1 or your IP address.

[!note] 127.0.0.1 is a loopback address that the system uses to communicate to itself, there is a DNS auto resolved name called localhost that points to 127.0.0.1.

In this example we are going to configure a Web Server and a MySQL database.

You might be wondering why your AWS expenses for RDS shoot up in the last few months or maybe you already know this is caused by the Amazon RDS Extended Support for Aurora and want to migrate your engine version, if so this post is for you.

Late in 2023, AWS informed Aurora users to migrate the version of the Aurora engines due to the deprecation of the MySQL Community major version 5.7 and it was recommended to migrate to major version 8.0.