
cloudonaut
We are two brothers focusing 100% on Amazon Web Services (AWS). Every other week, one of us prepares the topic of the podcast. The topic is not known to the other one, which results in surprising conversations about all things AWS.
Typically, we are covering the following topics: DevOps, Serverless, Container, Security, Infrastructure as Code, Container, Continuous Deployment, S3, EC2, RDS, VPC, IAM, VPC, and many more.
Latest episodes

6 snips
Apr 10, 2025 • 35min
#093 Getting ISO 27001 certified as a 2-person company
Two entrepreneurs share their journey navigating ISO 27001 certification as a small company. They discuss performance challenges with Amazon Linux 2023 and the impact of OpenSSL on their antivirus development. Insights on automation tools for compliance highlight their innovative approach to achieving certification. Additionally, the hosts explore the balance between using consultants and software for managing security—offering listeners valuable tips and practical experiences from their process.

Oct 11, 2024 • 36min
#092 The Cloud Control API came a long way
Andreas and Michael discuss how to leverage the Cloud Control API to overcome missing resources in Terraform.
Andreas and Michael Wittig are building on AWS since 2009. Follow their journey of developing products like bucketAV, marbot, and HyperEnv and learn from practice.
Links
Review: Amazon GuardDuty Malware Protection for S3
Are you missing an AWS resource in Terraform? Try awscc provider!
Vector - A lightweight, ultra-fast tool for building observability pipelines
fwd:cloudsec Europe - Cloud-Conscious Tactics, Techniques, and Procedures (TTPs)
fwd:cloudsec Europe - Who Watches the Watchmen? Stealing Credentials from Policy-as-Code Engines
fwd:cloudsec Europe - Hidden Among the Clouds: A Look at Undocumented AWS APIs
Subscribe
Make sure you are not missing upcoming shows …
Podcast feed
YouTube channel
Newsletter
Projects
bucketAV — Antivirus protection for Amazon S3
marbot — AWS Monitoring made simple!
HyperEnv for GitHub Actions — Deploy self-hosted GitHub runners on AWS with ease!
attachmentAV — Antivirus for Atlassian Jira and Confluence
Contact and Feedback
hello@cloudonaut.io
Mastodon (Andreas)
Mastodon (Michael)
LinkedIn (Andreas)
LinkedIn (Michael)

Jul 25, 2024 • 34min
#091 Cloudflare R2 Same Same But Different
Andreas and Michael share their latest product launches and discuss Security Hub controls.
Andreas and Michael Wittig are building on AWS since 2009. Follow their journey of developing products like bucketAV, marbot, and HyperEnv and learn from practice.
Links
Review: Amazon GuardDuty Malware Protection for S3
Virus and Malware Scan API
How to monetize an API on AWS?
bucketAV for Cloudflare R2
Security Hub: New security controls
Subscribe
Make sure you are not missing upcoming shows …
Podcast feed
YouTube channel
Newsletter
Projects
bucketAV — Antivirus protection for Amazon S3
marbot — AWS Monitoring made simple!
HyperEnv for GitHub Actions — Deploy self-hosted GitHub runners on AWS with ease!
attachmentAV — Antivirus for Atlassian Jira and Confluence
Contact and Feedback
hello@cloudonaut.io
Mastodon (Andreas)
Mastodon (Michael)
LinkedIn (Andreas)
LinkedIn (Michael)

Jun 13, 2024 • 29min
#090 AWS Testing Awesomeness
Andreas and Michael discuss unit testing AWS SDK v3, cleaning up leftovers from Terraform tests, and Amazon's S3 malware guard vs. bucketAV, as well as other recent AWS service updates.
Andreas and Michael Wittig are building on AWS since 2009. Follow their journey of developing products like bucketAV, marbot, and HyperEnv and learn from practice.
Links
How to write unit tests when using the AWS JavaScript SDK v3?
Introducing Amazon GuardDuty Malware Protection for Amazon S3
Tidying up after failed Terraform tests
Amazon CloudWatch GetMetricData API now supports AWS CloudTrail data event logging
Amazon CloudWatch now offers 30 days of alarm history
Amazon ECS on AWS Fargate now allows you to encrypt ephemeral storage with customer-managed KMS keys
AWS CloudFormation accelerates dev-test cycle with adjustable timeouts for custom resources
Subscribe
Make sure you are not missing upcoming shows …
Podcast feed
YouTube channel
Newsletter
Projects
bucketAV — Antivirus protection for Amazon S3
marbot — AWS Monitoring made simple!
HyperEnv for GitHub Actions — Deploy self-hosted GitHub runners on AWS with ease!
attachmentAV — Antivirus for Atlassian Jira and Confluence
Contact and Feedback
hello@cloudonaut.io
Mastodon (Andreas)
Mastodon (Michael)
LinkedIn (Andreas)
LinkedIn (Michael)

Apr 18, 2024 • 38min
#089 Copying 5 TB in 15 minutes
Michael shares what's needed to copy 5 TB from one S3 bucket to another. Also, Andreas introduces renovate a tool to keep Infrastructure as Code dependencies up to date.
Andreas and Michael Wittig are building on AWS since 2009. Follow their journey of developing products like bucketAV, marbot, and HyperEnv and learn from practice.
Links
S3 CopyObject for objects up to 5 GB
S3 UploadPartCopy for copying larger objects
renovate - Automated dependency updates
renovate as a Service
Amazon DynamoDB now supports resource-based policies
AWS CodeBuild now supports custom images for AWS Lambda compute
AWS CloudFormation ChangeSets now offer enhanced change visibility for deployments
AWS IAM Identity Center now offers a streamlined AWS access portal and shortcut links
Subscribe
Make sure you are not missing upcoming shows …
Podcast feed
YouTube channel
Newsletter
Projects
bucketAV — Antivirus protection for Amazon S3
marbot — AWS Monitoring made simple!
HyperEnv for GitHub Actions — Deploy self-hosted GitHub runners on AWS with ease!
attachmentAV — Antivirus for Atlassian Jira and Confluence
Contact and Feedback
hello@cloudonaut.io
Mastodon (Andreas)
Mastodon (Michael)
LinkedIn (Andreas)
LinkedIn (Michael)

Mar 15, 2024 • 32min
#088 AWS networking without burning money?
Can we get along without paying for NAT gateways or IPv4 addresses on AWS?
Andreas and Michael Wittig are building on AWS since 2009. Follow their journey of developing products like bucketAV, marbot, and HyperEnv and learn from practice.
Links
Answers for AWS 2024
alterNAT — NAT Gateways are dead. Long live NAT instances!
Experience up to 40% faster stack creation with AWS CloudFormation
Amazon RDS now supports io2 Block Express for consistent sub-millisecond latency and 99.999% durability
AWS WAF enhances rate-based rules to support configurable time windows
Subscribe
Make sure you are not missing upcoming shows …
Podcast feed
YouTube channel
Newsletter
Projects
bucketAV — Antivirus protection for Amazon S3
marbot — AWS Monitoring made simple!
HyperEnv for GitHub Actions — Deploy self-hosted GitHub runners on AWS with ease!
attachmentAV — Antivirus for Atlassian Jira and Confluence
Contact and Feedback
hello@cloudonaut.io
Mastodon (Andreas)
Mastodon (Michael)
LinkedIn (Andreas)
LinkedIn (Michael)

Feb 29, 2024 • 31min
#087 Automate all the release processes!
Building CI/CD pipelines with GitHub Actions: a real-world example and ways to reduce costs for GitHub-hosted runners.
Andreas and Michael Wittig are building on AWS since 2009. Follow their journey of developing products like bucketAV, marbot, and HyperEnv and learn from practice.
Links
How to reduce costs for GitHub Actions? (Blog)
How to reduce costs for GitHub Actions? (Video)
AWS Systems Manager Parameter Store now supports cross-account sharing
AWS Resource Explorer supports 65 new resource types
API Gateway now supports TLS 1.3
New AWS Region in Mexico is in the works
Subscribe
Make sure you are not missing upcoming shows …
Podcast feed
YouTube channel
Newsletter
Projects
bucketAV — Antivirus protection for Amazon S3
marbot — AWS Monitoring made simple!
HyperEnv for GitHub Actions — Deploy self-hosted GitHub runners on AWS with ease!
attachmentAV — Antivirus for Atlassian Jira and Confluence
Contact and Feedback
hello@cloudonaut.io
Mastodon (Andreas)
Mastodon (Michael)
LinkedIn (Andreas)
LinkedIn (Michael)

Feb 13, 2024 • 33min
#086 Overwhelmed by Security Hub
How to avoid thousands of Security Hub findings?
Andreas and Michael Wittig are building on AWS since 2009. Follow their journey of developing products like bucketAV, marbot, and HyperEnv and learn from practice.
Links
What is AWS Security Hub?
Security Iceberg: AWS Security Hub the right way
Amazon GuardDuty Malware Protection now supports scanning EBS managed key encrypted volumes
CodePipeline supports additional trigger filters and new execution modes
AWS Transfer Family now publishes events to Amazon EventBridge for SFTP, FTPS, and FTP servers
AWS Fargate announces a price reduction for Windows containers on Amazon ECS
Generate AWS CloudFormation templates and AWS CDK apps for existing AWS resources in minutes
Subscribe
Make sure you are not missing upcoming shows …
Podcast feed
YouTube channel
Newsletter
Projects
bucketAV — Antivirus protection for Amazon S3
marbot — AWS Monitoring made simple!
HyperEnv for GitHub Actions — Deploy self-hosted GitHub runners on AWS with ease!
attachmentAV — Antivirus for Atlassian Jira and Confluence
Contact and Feedback
hello@cloudonaut.io
Mastodon (Andreas)
Mastodon (Michael)
LinkedIn (Andreas)
LinkedIn (Michael)

Feb 1, 2024 • 33min
#085 Losing trust in KMS
Andreas and Michael are losing trust in KMS due to a key policy privilege escalation. They discuss the limitations of AWS Management Console and the potential integration with AWS Marketplace solutions. Additionally, they highlight AWS news, including support for reserved capacity in CodeBuild and new encryption mechanisms for containers in AWS.

Jan 11, 2024 • 34min
#084 Aurora Serverless is dead, long live Aurora Serverless!
AWS announced the end of life for Aurora Serverless v1, Andreas and Michael discuss the consequences for their workloads.
Andreas and Michael Wittig are building on AWS since 2009. Follow their journey of developing products like bucketAV, marbot, and HyperEnv and learn from practice.
Topics
AWS product launches in 2023
AWS CloudShell supports Docker
AWS Marketplace reduces fees
Auto-scaling hooks and ELB connection draining
Aurora Serverless v1 EOL
Keep Terraform providers up to date!
OpenTofu generally available
NAT instance AMI out of maintenance
EC2 Instance Connect Endpoints not HA?
Links
AWS Product Launch Count By Year by Sumiya
AWS CloudShell now supports Docker in 13 Regions
AWS announced reduced marketplace fees during the Partner Keynote
Connect to your instances without requiring a public IPv4 address using EC2 Instance Connect Endpoint
OpenTofu is going GA
Subscribe
Make sure you are not missing upcoming shows …
Podcast feed
YouTube channel
Newsletter
Projects
bucketAV — Antivirus protection for Amazon S3
marbot — AWS Monitoring made simple!
HyperEnv for GitHub Actions — Deploy self-hosted GitHub runners on AWS with ease!
attachmentAV — Antivirus for Atlassian Jira and Confluence
Contact and Feedback
hello@cloudonaut.io
Mastodon (Andreas)
Mastodon (Michael)
LinkedIn (Andreas)
LinkedIn (Michael)
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.