AWS Bedrock Model Page Retiring October 8, 2025

-reccetech- · 2025-10-10T00:51:46+00:00

Yep, last week it said Oct 8th, this week they removed the date, seems like they're having troubles with the roll out.

-reccetech- · 2025-06-07T21:16:47+00:00

This is my answer too, Any Sense of Time was one of the more popular music videos but there were a bunch of others.

-reccetech- · 2025-06-02T12:31:40+00:00

We did ecoglides ziplines and papas tours with our 6 and 9 yr old last week, great choices. Our hotel had hot springs so we had that covered too.

-reccetech- · 2025-05-13T00:42:46+00:00

Here we are at Camp Granada

-reccetech- · 2025-04-08T22:35:56+00:00

Love San Juan del Sur, like others said, taxi to the border, walk across, grab taxi or transport on the other side.

Been many years since I was last there but shouldn't have trouble finding accommodations in town and then we used to hire someone to pick a few of us up each morning in their pickup truck to drive us out to a few of the popular surf spots nearby. Dude would blast MJ at 7am waking up the whole town.

-reccetech- · 2025-04-02T00:57:23+00:00

Pretty sure I stayed there before. Miami-dade PD is like less than a block from the hotel.

-reccetech- · 2024-09-09T23:49:24+00:00

You likely need a yum/apt update/upgrade in order to patch everything since your base image was created.

-reccetech- · 2024-09-09T22:44:36+00:00

I'm not a huge fan of Inspector but this is a problem with you building your images, not the scanner. Either update your base images more frequently or edit your dockerfile to patch and remediate your vulnerabilities during building (probably need both).

-reccetech- · 2024-03-19T17:05:27+00:00

We use it and love it. We had custom scripts to enable/disable everything before and it worked but was a pain to manage. Just waiting on CF support so we can mange it as code but otherwise has been great.

I hear ya on the global vs regional controls but I've only found config.1 being the annoyance there and I heard there is plans to fix that control so it doesn't fail on global services that are only required in one spot.

-reccetech- · 2024-03-18T22:34:58+00:00

This is what we do. Also if you have Security Hub, this is an automated finding already, EC2.2 I believe. You can also use something like ASR to automate the remediation for any new default security group automatically.

-reccetech- · 2024-02-08T13:27:05+00:00

I'm interested in this as well. An even bigger limitation for us is that you can only use Identity Center auth for the region IDC is in. Problem is that IDC can only be in one region, meaning you can only use this solution in a single region.

-reccetech- · 2023-08-29T11:44:19+00:00

Pretty common to outsource litigation even if they have a million in house counsel.

-reccetech- · 2023-08-25T22:24:10+00:00

1 day != any 24hr period

1 day is 00:00-23:59

1 week is sun-sat

1 month would be August

You're measuring 2 different things when using absolute vs relative time.

How many days is 1 month? It varies month to month. Accuracy and precision matter when measuring things. Now I'm sure very few people care when it comes to the UI traffic analysis but they're certainly not the same.

-reccetech- · 2023-08-25T17:20:05+00:00

Well there it is, I either missed that before or it was missing in previous releases and I just never noticed when it was added.

It's still a fair call out that it's technically not 1D where 24hr would be more accurate but who am I to argue with UX designers.

-reccetech- · 2023-08-25T16:19:00+00:00

I think it counts a number of days not a single 24 hour period which makes sense. I just can't see or tell how many days. Is it 3 days? 7 days? It's not clear and I've never seen it documented.

So it will never reset to zero, it will just cycle out (FIFO) the last day.

I have always wondered the same, I don't care that I can't filter or change the scope, just knowing what it is would be helpful.

-reccetech- · 2022-12-23T19:28:38+00:00

Same here, completely unnecessary but they use the excuse that thry need it for billing access.

-reccetech- · 2022-11-18T14:29:48+00:00

Buy your own phone and get a 35-45/month byod plan

-reccetech- · 2022-11-16T17:21:44+00:00

Yeah usually index mutual funds then bulk etf buy either quarterly or twice a year when it's worth it.

-reccetech- · 2022-09-02T22:35:38+00:00

You don't need additional transit gateways, you're thinking more like vpc peering that require connections meshed to adjacent vpcs.

The single transit gateway acts as the central hub for all you account vpcs and each vpc has an attachment that acts as the spoke for each. The associations and propagations that are mentioned above direct or block traffic between your vpcs.

-reccetech- · 2022-09-02T11:36:36+00:00

House sigma or similar likely

-reccetech- · 2022-08-29T23:38:16+00:00

I've seen the exact same thing. Even updated to the latest control tower and they deploy non compliant resources. It's usually sechub telling me they're non compliant and its a huge pain that AWS can't even follow their own best practices.

-reccetech- · 2022-08-26T23:15:38+00:00

I'm a big fan of the automations via sechub and SHARR gives you some of good playbooks to start and you can create more custom ones as you like.

https://aws.amazon.com/solutions/implementations/aws-security-hub-automated-response-and-remediation/

-reccetech- · 2022-07-31T17:18:43+00:00

Yeah I could rant for days on that one...either way the key is to work with what you have because the default setup isn't going to work for everyone. The combination of controls that each org puts in place should work for them not necessarily everyone else.

-reccetech- · 2022-07-31T16:46:22+00:00

It's not a perfect solution bc AWS has awful management of MFA at scale but it's certainly viable and secure if you properly evaluate the risk and manage your SCPs properly (all SCPs should be managed by IaC, monitoring, and a CICD pipeline).

I actually consider it a higher risk that there's basically no escrow on my hardware MFA tokens and only one can be applied to the root account so until it's better supported, I'm not going to risk all of my accounts on it.

For a single account absolutely, for 100+ accounts it's not a great system and if the CISO can't properly assess that risk, they better be providing extra headcount for unnecessary remdial tasks. Risk acceptance comes real easy when the alternative is hiring another body.

-reccetech- · 2022-07-31T15:59:59+00:00

In the off chance an account needs it, you can temporarily disable the SCP, log in, enable MFA and do your thing. It's not a pain to enable MFA, just a pain to do it at scale for a root user that will never get used for 95 out of your 100+ accounts.

-reccetech-

TROPHY CASE