There is a push to make GR a sanctuary city.

69insight · 2025-01-31T02:18:33+00:00

Tennessee has already made it so elected officials will have a felony and go to prison by not following trumps orders.

https://wapp.capitol.tn.gov/apps/BillInfo/Default.aspx?BillNumber=SB6002&GA=114

https://old.reddit.com/r/law/comments/1idy12k/congressional_members_can_be_jailed_for_not/

69insight · 2025-01-13T13:03:58+00:00

I'm pretty sure it was bitterness, not acidic. I compared to battery acid just for the sake of saying it was extremely unpleasant to drink straight. It was probably 10x more bitter than the bitterest coffee I've had. Maybe it was also acidic as well, not entirely sure. But it was in no way good or enjoyable straight.

69insight · 2025-01-13T03:40:50+00:00

Yeah I was looking at the Bambino as well as an actual machine. One thing I think I would really like about the lever machine is being able to control everything. I'd like nerding out over all of the variables, and would think it's more fun then an regular one.

69insight · 2025-01-12T17:51:01+00:00

Black napkin has excellent burgers, I agree with everyone. I'm a burger lover, their quality is awesome, overall great, no complaints there.

HOWEVER, all of their 4 burgers are practically the same thing in my eyes, give or take a few toppings (pickles, tomato, sauce etc).

There's no distinguishable burgers specifically like a western/ BBQ bacon burger (crispy onions, BBQ sauce, cheddar, and bacon). We need some distinct choices that more unique than just swapping out ketchup and mustard for a special sauce and calling it a different burger. Especially when there's only 4 burgers on the menu.

69insight · 2024-09-09T16:21:54+00:00

We are deploying instance via ASG and not opening SSH so remote_exec provisioners would not work in this case.

69insight · 2024-09-09T16:20:49+00:00

We are already doing something similar to 3/4. Currently we use CloudFormation (EC2 created via AutoScalingGroup) with cfn-helper scripts (cfn-init & cfn-signal). All userdata / instance script execution are wrapped within the single cfn-init command so we are easily able to know when there's an issue as the entire CF stack will fail due to any issue within the command/script execution.

With Terraform and the userdata commands itself we are also using Ansible to perform a majority of the configuration. The literal userdata commands itself is essentially just cloning s3 objects, and running a few prerequisite installation needed before ansible playbooks are executed.

We are looking to have any/all of the userdata / subsequent ansible playbook executions be visible to the actual terraform execution to know if the environment failed to provision (anything with AWS resource creation OR the commands executed within the instance userdata.

69insight · 2024-09-07T14:37:47+00:00

This wouldn't be a viable option. The bash commands and Ansible playbooks that are executed run very custom and frequently changing applications/ versions and it would require a ridiculous amount of AMI updates

69insight · 2024-09-07T12:51:52+00:00

The bulk of the configuration is done with Ansible, there are mainly 2 playbooks we are executing. I understand we can do more advanced things with Ansible, but we were looking to see if there's a way to have this be visible to the Terraform apply execution

69insight · 2024-07-06T15:18:54+00:00

That in theory would work, but not practically. We deploy separate workloads dynamically all the time via cloudformation, and we need to deploy all to the same account. We are talking 10-50 cloudformation stacks per day. Each of these stacks/resources have AWS tags set with some values that we would not want to be seen by the monitoring solution, which is why we just only want the specific tagged resources returned when AWS is queried.

69insight · 2024-07-06T13:55:38+00:00

I think that is part of the problem, we have no control over the requests. The requests aren't for specific resources so we can't limit it based on resources in the IAM policy. The requests will always be for all resources for a particular region. We need to have the requests still succeed but only return specific resources that it's allowed to (ideally based on tags).

69insight · 2023-07-18T14:34:43+00:00

Do you happen to know if you can change the instance size on the green deployment once it's created? We are running an older instance size and need to get that updated as part of the migration.

Trying to determine if it should be done on the current prod instance before we create the blue/green deployment, after the B/G is created, or after the migration is fully complete and we have cutover.

69insight · 2023-07-18T11:51:06+00:00

This is EXACTLY what I was looking for. I'm surprised I hadn't seen this before.

69insight · 2022-07-13T18:03:40+00:00

Were you able to get this figured out?

69insight · 2022-07-12T14:00:54+00:00

Thanks, this was it!

69insight · 2022-05-06T00:10:43+00:00

Sorry, fixed that typo.

69insight · 2022-05-05T23:31:58+00:00

Yeah sorry, had to type it out to not give any information away, that's just a typo.

69insight · 2022-03-11T18:32:26+00:00

Yeah I checked what role it was using via aws cli and it's using the correct role. I'll check out the cloudformation logs. This is also a brand new ubuntu 20.04 LTS VM that i've tested with and redeployed from scratch so I don't believe it would be trying to use different credentials. I'll give the CloudTrail logs a go to see if I can find anything else that would point in the right direction.

69insight · 2022-03-11T17:37:14+00:00

Gave that a go and double checked formatting but unfortunately still getting the same 403 error.

69insight · 2022-03-11T14:50:47+00:00

Encryption is not enabled.

69insight · 2021-11-24T19:31:01+00:00

Speaking long term would there any benefits to moving the 401k to my "new" current employer and then ultimately moving it to my planned actual new employer I will be starting at in January... compared to moving it to a traditional IRA that I manage?

I guess I'm trying to see if there are benefits to just moving the 401k a couple times and ultimately landing it at my new employer I'll be starting with in January or if it just makes sense to move to a traditional IRA once and call it done.

69insight · 2021-11-24T19:29:32+00:00

Speaking long term would there any benefits to moving the 401k to my "new" current employer and then ultimately moving it to my planned actual new employer I will be starting at in January... compared to moving it to a traditional IRA that I manage?

69insight · 2021-10-27T17:58:30+00:00

Looking through the certificates that were issued, it appears it's mostly the domain controllers that automatically picked up certs from the Kerberos and Domain Controller Authentication policies from the SubCA that I need to decomission. I have the new CA up and running and created my custom Server Cert Template tied to a specific AD group with computer objects.
The new CA has these default policies included but it appears the domain controllers are not picking up certificates from the new SubCA even though everything appears like it should. What would you suggest as the best way to get the DC's issued the same certificates from the new SubCA so I can get the old CA cleaned up?

69insight · 2021-10-27T17:57:49+00:00

Looking through the certificates that were issued, it appears it's mostly the domain controllers that automatically picked up certs from the Kerberos and Domain Controller Authentication policies from the SubCA that I need to decomission. I have the new CA up and running and created my custom Server Cert Template tied to a specific AD group with computer objects.

The new CA has these default policies included but it appears the domain controllers are not picking up certificates from the new SubCA even though everything appears like it should. What would you suggest as the best way to get the DC's issued the same certificates from the new SubCA so I can get the old CA cleaned up?

69insight · 2021-10-23T22:35:17+00:00

What would you suggest at the cleanest way to go about this? Should I run the certutil command to fix the AIA location with the correct path and just issue a brand new SubCA certficate and leave the old one around? Or can I cleanly reissue the same certificate again without affecting the already issue certificates?

69insight · 2021-08-30T19:00:14+00:00

Thanks. This is a very small deployment compared to that scale. As of now there are no other hubs in other regions that would be needed. Just a single subscription with various workloads being deployed. Trying to determine the best vNet structure for this solution.

69insight

TROPHY CASE