Clever Engineering Blog — Always a Student


Using IAM Roles with Session Policies for Least Privilege

By Alex Smolen on

At Clever, we lock down code access to customer data using AWS IAM roles with session policies. In Clever’s microservice AWS architecture, each service has a unique IAM role with access to the AWS resources it needs: S3 buckets, DynamoDB tables, and so on. Our services are multi-tenant and customer data is separated via logical […]

Swappiness and Amazon ECS

By Alex Smolen on

At Clever, one of our tenets is “Always a Student”, and in that spirit of learning we wanted to share the changes we made to fix memory allocation issues in AWS Elastic Container Service related to swappiness. Swappiness is a Linux Kernel setting that specifies how likely it is for a page in memory to be […]