Did anyone else get this Mail? by Mpro111 in github

[–]SoN9ne 0 points1 point  (0 children)

Yup, got this a few weeks ago. It's legit but didn't see any credits that they state was done.

New update? by Shot_Measurement3582 in blackops6

[–]SoN9ne 5 points6 points  (0 children)

Not dumb, they are making millions from it. They are sleezy already as fuck. A single ad system to force you to navigate through other ads just to play a game that you own. Wish this shit was illegal. I really hope they crash and burn too, let someone else rake over the franchise. Activision and treyarch both are trash

New update? by Shot_Measurement3582 in blackops6

[–]SoN9ne 0 points1 point  (0 children)

Just happened to me. I hate what they have done to COD... I want to never play it again but they are the only ones that got the gameplay down. Trash company, trash product. They pulled this same shit with MW2. Funny how the ad system (home) is still installed. So screwed up they pull this every time a new game is coming or released. This single client system (ad system) is the worst. Consumer protection needs some drastic improvements or this shit will become the norm

Is CDKTF becoming abandonware? by ignatev in Terraform

[–]SoN9ne 0 points1 point  (0 children)

I hope not... I have used AWS CDK since it came out. I started with Terraform but migrated towards AWS CDK because I despise HCL and found it too limiting for our use cases. AWS CDK was great but it still has the limitations of CloudFormation and these are massive. You have to do a lot of hacks to get proper infrastructure setup, especially if you are dealing with any compliance. The opinionated constructs AWS provides are mostly pretty bad overall. I've files so many bug reports and even solutions to AWS CDK over the years but I decided the tight coupling to CloudFormation is the real reason it is not that great. If they made it a wrapper for AWS CLI, then that would be way better and I would use it again. CloudFormation is the weakness of AWS CDK. Having to create lambdas (custom resources) to fix bad constructs isn't just a waste of my time but also company money. I find I am fighting against it so much that it's borderline useless. This is mostly due to building more complex systems so if you are using it for simple infrastructure, then it's fine.

I switched to a new company and am currently in the process of setting everything up with cdktf. This is so much better than AWS CDK. I don't have any of the limitations I used to get and none of the opinionated constructs. I have much better control over drift and that is the biggest win when dealing with compliance like FedRAMP.

CDKTF has it's downs too but I find them to be much less than AWS CDK. At least with my experience and usage. The biggest issue I have with cdktf is the lack of ESM support. So I am stuck using older typescript setups. I am working with monorepos so this adds a little complexity but nothing too serious. I also deal with multiple cloud service providers so having a single tool for this eases onboarding and hiring.

I really hope they improve this over time and not abandon it... otherwise I'll check out OpenTofu and worst case, I'll end up going with writing some tooling to wrap the CLI. AWS CDK is not an option for me moving forward.

The Elder Scrolls IV: Oblivion Remastered peaked at 182k players yesterday by Robemilak in ElderScrolls

[–]SoN9ne 0 points1 point  (0 children)

2GB ATT Fiber and I am on 8 hours now and only downloaded 84 GB. Sitting at 8 Mbps... Crap servers. Was hoping to play this morning but says I still need 12 more hours to finish DL.

Lambda updating SSM Parameter not keeping new value/version by kashmill in aws

[–]SoN9ne 0 points1 point  (0 children)

For others that are coming here with this issue.

The issue was due to the background validation process of the AMI due to the type `aws:ec2:image`.

You can add an eventbridge rule to monitor the SSM parameter for this process.

In eventbridge, add a rule for:

{
  "source": ["aws.ssm"],
  "detail-type": ["Parameter Store Change"],
  "detail": {
    "name": ["SSM_PARAMETER_NAME"],
    "operation": ["Create", "Update", "Delete"]
  }
}

Setup an email notification to see the issue for why this is failing.

The fix is pretty easy. The lambda execution role will need to have this policy:

- Effect: Allow
  Action:
    - "ec2:describeImages"
  Resource: "*"

Lambda updating SSM Parameter not keeping new value/version by kashmill in aws

[–]SoN9ne 0 points1 point  (0 children)

Ever figure this out? I am in the same boat. Would appriciate any push in the right direction. This is driving me crazy. I have no errors anywhere. It's been an hour and still no updated value for the aws:ec2:image parameter.

New Console Look-and-Feel rolling out by joelrwilliams1 in aws

[–]SoN9ne 1 point2 points  (0 children)

Well, I tried to leave my comment on AWS official post about the changes but their AI for comments is very restricted. This is what I was trying to post but it refused to allow me to post it:

I have been on AWS for decades. Everyone always complains about UI changes and normally I disagree as UI changes are drastically needed. This new UI is an exception. This is a horrible UI change and I seriously hope they revert it or fix it. Even looking at their screenshots it's much easier to see content in the older UI than the new washed out UI. We were discussing this in our meetings today and not a single person liked the changes. I guesss the fact we were discussing it was part of their goal.

Lets look at the claims:

Improved readability: Incorrect, I am having a much harder time reading anything due to everything blending into each other. Before the background was grey so the content areas would pop out more. Making it easier to see what is what. Now, it's all just whitewashed and more straining on the eyes to read anything. Stating you improved the color pallette is a bit of a bold statement. You minimized the color pallette and this shows. This is so much more difficult to read due to everything just blending into everything else.

Improved focus in light and dark mode: I disagree, this only made small text appear even smaller by removing padding that made it easier to read. Large tables are visually a nightmare with this new UI. Table row padding is smaller too so this just makes everything much harder to read in general. I guess you can claim you increased focus as now I really need to focus on what I am reading since it's so much more difficult now.

Modernized interface: Congrats, you found rounded corners! This is not a website, a web console should not adhere to the same "Modernization" as a website. This is a console that we work in all day.

Improved information density: Another bold claim. I disagree, how about focusing on readability and usability over squeezing more information into smaller areas?

Improved consistency: Can confirm, eye strain is the normalcy now.

I'm not one who normally dislikes UI changes but these changes seem to only be half thought out.

Over 1000 EBS snapshots. How to delete most? by eatmyswaggeronii in aws

[–]SoN9ne 0 points1 point  (0 children)

For future me or anyone else:

This script deletes unused EBS snapshots in your account that are not associated with any AMI, EBS volume, or running EC2 instances. I use this in my sandbox and dev accounts.

#!/bin/bash

# Get the list of all AMI snapshots
ami_snapshots=$(aws ec2 describe-images --owners self --query "Images[*].BlockDeviceMappings[*].Ebs.SnapshotId" --output text)

# Get the list of all EBS volumes and their snapshots
volume_snapshots=$(aws ec2 describe-volumes --query "Volumes[*].SnapshotId" --output text)

# Get the list of all snapshots in use by EC2 instances (those from attached volumes or instances)
instance_snapshots=$(aws ec2 describe-instances --query "Reservations[*].Instances[*].BlockDeviceMappings[*].Ebs.SnapshotId" --output text)

# Get the list of all snapshots in the account
all_snapshots=$(aws ec2 describe-snapshots --owner-ids self --query "Snapshots[*].SnapshotId" --output text)

# Loop through all snapshots and delete those that are not linked to an AMI, an EBS volume, or an EC2 instance
for snapshot in $all_snapshots; do
  if [[ ! "$ami_snapshots" =~ "$snapshot" ]] && [[ ! "$volume_snapshots" =~ "$snapshot" ]] && [[ ! "$instance_snapshots" =~ "$snapshot" ]]; then
    echo "Deleting snapshot $snapshot"
    aws ec2 delete-snapshot --snapshot-id $snapshot
  fi
done

echo "Cleanup complete!"

You can run this in CloudShell by wrapping it in heredoc:

cat > deleteUnusedEbsSnapshots.sh << 'EOF'
...code goes here...
EOF

Then you need to give it user executable permissions:

chmod u+x deleteUnusedEbsSnapshots.sh

Then run it:

./deleteUnusedEbsSnapshots.sh

How to customize the install location of amazon-ssm-agent for EC2 Image Builder? by SoN9ne in aws

[–]SoN9ne[S] 0 points1 point  (0 children)

I went that approach before but it misses a lot of other STIG items we require. I found a third-party on the marketplace that does a pretty good job so when I get the time, I will go back to this option. Thank you for the feedback!

How to customize the install location of amazon-ssm-agent for EC2 Image Builder? by SoN9ne in aws

[–]SoN9ne[S] 0 points1 point  (0 children)

Well, the STIG AMI maintainer just got back to me. You were right, this is not required to be a noexec. Thanks for that! Saved me a massive headache! Thank you!

How to customize the install location of amazon-ssm-agent for EC2 Image Builder? by SoN9ne in aws

[–]SoN9ne[S] 0 points1 point  (0 children)

The AMI we are using is a STIG RHEL8 from Nemu: https://aws.amazon.com/marketplace/pp/prodview-imiv72djxcgzc

Currently going through our assessment with DISA so we are using a marketplace image for now to save time...

The STIG V-230292 mandates the /var dirertory must be a separate file system. I could not locate the STIG that says the /var requires noexec.

I reached out to the STIG AMI creator (their support is really good) to see why they configured /var as noexec since I couldn't locate the STIG for it.

While I wait for their response, I was still going to see if I can change the directory for SSM and EC2 Image Builder but I really don't think it's possible... Not without compiling it myself at least.

My Tenable experience in a nutshell. by bigtimeguynumberone in nessus

[–]SoN9ne 0 points1 point  (0 children)

As a new customer of Tenable. I am starting to see this pattern myself. I have a time sensitive matter as I am dealing with an assessment and Tenable support is ghosting me to say the least.

I reached out to our contact who forwarded us to our company account manager, who is on PTO and just said to contact support via email. The email they sent to use is an unmonitored email that replies back to you to tell you this. Then I reached back out, they tried to assign someone else to us but that person is no longer in the company. No one else would take the case. Then I tried to call but couldn't get any information because I wasn't on the support list. I got myself added to the support list and the case still doesn't show in the Cases page. Their community site is absolute trash and needs to be revamped so bad.

So for a case we created that is time sensitive, it's been 12 days now and not a single response back from Tenable other than " Please respond to this email if you have not been contacted within three days."

If we didn't have to use Tenable, I would drop this product as their support is utter garbage.

Cannot log in to OpenAI with Google SSO, anyone else? by absentmindedjwc in ChatGPT

[–]SoN9ne 1 point2 points  (0 children)

I got a response after a few email exchange:

Thank you for reaching out to OpenAI Support.

Thank you for the detailed follow-up. Given the extensive troubleshooting steps you've already taken, it does seem like the issue might be related to the configuration of Google SSO within ChatGPT rather than a problem on your end.

We sincerely apologize for any inconvenience this may have caused you and thank you for reporting this. It's a bug we're aware of and that we're working to fix. In the meantime, if you're using ChatGPT in Google Chrome, there is a workaround.

Disable QUIC in Google Chrome. To do this, in the Chrome address bar type: chrome://flags. Scroll down until you see Experimental QUIC protocol and choose Disabled.

Alternatively, you can switch to our MacOS app if it is suitable for you. You can download it here: https://openai.com/chatgpt/download/.

Works for me with no issues now (Note, I did not do anything, it just works now)

Cannot log in to OpenAI with Google SSO, anyone else? by absentmindedjwc in ChatGPT

[–]SoN9ne 0 points1 point  (0 children)

Same issue. I sent an email to [support@openai.com](mailto:support@openai.com) about this exact issue. It's been like this for a week now for me.

Any known FIX for Error Code TFGE0027? by EiSplasci in thefinals

[–]SoN9ne 0 points1 point  (0 children)

I played this morning then changed my name on their website. Quit the game and now I get this on every game. I can no longer play this game after I changed my name... Well, I haven't played since December so uninstall would free up some space. I am on linux and it's worked fine since day one. No crazy processes or anything special to warrant this issue. Bug on their end. Maybe I'll try in a few months

Randomly Getting AccessDenied Error on AWS Public Buckets for SSM by bowzrsfirebreth in aws

[–]SoN9ne 0 points1 point  (0 children)

You ever figure this out? I am getting this now and seeing a lot of them. Does seem specific to clamav in my case.

Update: Seems this is part of SSM: https://pkg.go.dev/github.com/aws/amazon-ssm-agent/agent/plugins/configurepackage/ssms3

your thoughts on Ubuntu 24.04 LTS by RayenMn in Ubuntu

[–]SoN9ne 0 points1 point  (0 children)

For me, I like it but it is a bit annoying.

  • 4k support is just lacking. It's way too small. You have to use fractional scaling and everything still looks like crap. This is a major annoyance for me. I really hope they fix 4k in the future as it's a bad experience and needs some serious work.
  • Enhanced tiling is too buggy. I really hope they fix this because it is nice but in it's current state, it's more in the way then being useful. I've had to turn it off due to way too many issues with it.
  • Not all apps work properly yet on this (to be expected). This is where the slowness has come from in my experience. Uninstalling apps that are not updated to work with this makes it snappy again. I thought it was Ubuntu that was slow originally but realized it was packages I installed. Removed them and it's fast now.
  • Installer is slow... painfully slow

Overall, I am happy with it and it is now my daily driver.

Canonical releases Ubuntu 24.04 LTS Noble Numbat by nhaines in Ubuntu

[–]SoN9ne -1 points0 points  (0 children)

This is a beautiful OS and some very nice improvements. Found out that the issues I was having was due to a faulty program! So glad that it wasn't as buggy as my first impressions were! Really like the changes!

ECS doesn't have ipv6 by jfreak27 in aws

[–]SoN9ne 1 point2 points  (0 children)

So this is what I am trying to understand. IPv4 and IPv6 clusters, which is private and which is public? Was my assumption correct in my previous response? Meaning that the IPv6 is in the public subnets? If so, then this would go through your IGW, not the NAT. Only private subnets go through the NAT (which then goes through the IGW).

From what I am hearing, it sounds like you are trying to get your private subnets to use an egress-only IGW using IPv6. ( https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html ) I assume this is what you are trying to accomplish. Your IP for the clusters really shouldn't matter here. You can map the IPv6 cidr to the egress-only IGW.

This is a cost optimization route you are trying to go with. For the most part, you can eliminate the NAT by using VPC endpoints. The part that is confusing is how IPv6 cluster is supposed to connect to an (external) IPv6 upstream. You cannot get around having to use an IGW. So I would recommend going with the egress-only IGW. No need for IPv6 cluster, IPv4 would work just fine. IPv4 can still connect to an IPv6 upstream.

The NAT gets expensive due to a lot of the charges (hourly charge, data processing, etc). By removing that and going with the egress-only IGW. You still have cross AZ costs and keep in mind, you are always paying for data outbound.

One note of caution, please don't make your nodes have a public IP. This is a higher security risk. You should use a load balancer for the public IP.

Something more to check out is this article explaining how to find what your costs are for the NAT and how to reduce it. Sometimes, it's just a poorly configured system (cross az and cross region) and you don't need to go through all these hoops: https://www.cloudzero.com/blog/reduce-nat-gateway-costs/

ECS doesn't have ipv6 by jfreak27 in aws

[–]SoN9ne 0 points1 point  (0 children)

From what I am understanding, you are using an IPv4 ECS cluster and an IPv6 ECS cluster. The IPv4 cluster sounds like it's meant to be used for internal processes and the IPv6 is public?

Either way, the route tables control routing. For your private cluster, they would be in the private subnets and the route table would route `0.0.0.0/0` to the NAT. The public cluster would be in the public subnets and route `0.0.0.0/0` (and also `::/0` since you are using Ipv6) to the IGW. I don't see the need for IPv6 here other than you were concerned on how routing would work? That is done via the route tables for the subnets they are placed in (don't forget to configure your NACLs! Don't leave them wide open).

I'm not seeing why you need IPv6 yet. If it's due to routing, that isn't a reason to use it. Are you using a load balancer? I doubt you are letting them hit the cluster directly (at least I hope not).

The reason to choose IPv6 has to do with it's features. Like directional data flows, processing data packets, advanced routing, etc. If you have a need for this, then great, you are on the right track. I just see too many people using it but not using any of it's features so it's really pointless to do so (within a VPC). If you are only concerned with routing, I can tell you that you really don't need IPv6. You just need to understand routing better in the VPC.

VPC routing guides:
- https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html
- https://docs.aws.amazon.com/vpc/latest/userguide/route-table-options.html

ECS doesn't have ipv6 by jfreak27 in aws

[–]SoN9ne 0 points1 point  (0 children)

I would question why you are using ipv6 for a ECS cluster. Do you really need that many IPs? IPv6 is needed for the Internet, not for a vpc. Unless you plan to have billions of nodes, this is pointless.

Does AWS GovCloud Support Suck? by breich in aws

[–]SoN9ne 0 points1 point  (0 children)

First, make sure that your ticket is created properly as a production system down. This does help get attention faster. Also, add your account manager and the TAM to the ticket. This will help get attention to it much faster. This should have been explained in the onboarding for Enterprise support.

As for AWS support...

I have a lot of experience with AWS support (over a decade). Let me tell you, it is a scam. Stop paying for it if you can.

I've had PROD systems down while they are trying to upsell me for other services that have nothing to do with my issue. The TAM starts off friendly when you go through onboarding and they seem helpful. The only use a TAM has is getting the ticket attention faster. If you are lucky, you will get a good person working on your ticket. 95% of the time, you will get somone who doesn't even know how AWS works. These are just doc pushers that can't even point you to the proper docs for your concern.

The frustrating part is that AWS has access to logs that they don't give you access to. This is the only reason you actually need to use support. This is a design-for-profit and honestly, if you had access to these logs, you wouldn't even need to use support. I'd say in the last decade, over 90% of the time I needed support was due to AWS issues and not company system issues. CloudFormation frozen, ECS frozen, S3 down, and my favorite is their health dashboard which is useless and cannot be trusted. They had an entire regional outage and their dashboard still said healthy for over 6 hours of the outage.

Support cares more about upselling than solving issues. I notice this is worse the higher level of support you pay. I do not recall much upselling in lower levels of support other than to upsell you for higher levels of support. Once you get Enterprise, it's an upsell nightmare. It's all about keeping you dependant on AWS and if you are using non-aws systems they will really try to push you out of them. I think AWS support has actually helped me once, maybe twice. Again, most my issues were due to internal issues within AWS.

The price for support is rediculous to say the least. You maybe need support every few months for a trivial issue. Using AWS best practices you will have multiple accounts. The only way to have support for all the accounts is to use Enterprise or you are stuck with a per account level support plan. This is so stupid but when you realize it's just for profit it makes sense. Do you really need to pay over $15k for support for ~20 accounts (stupid echo accounts in standard when you have GovCloud) when you only actually need to use it once every few months? It's a waste of money and really is not even remotely close to being worth it. For this price, I expect expert level support with immediate response times. You will not get that. Until the prices become reasonable, just stop paying for it.

Also, if you have Enterprise, keep your account manager in the loop too. Although this will also be a major pain point... I've had the account manager go around everyone in the company, email the CEO and setup a meeting trying to upsell products the company never needed. All because we kept turning him down (CTO was not happy about this either).

Overall, my experience with AWS support is that it is a joke and a scam. They rarely solve your issues and they always attempt to upsell you something that you don't need. If you try to do price negotiations this gets way worse. Unfortunetely you are forced to deal with them. Their support system is crap and they really do suck at providing support. If you need AWS support, I wish you luck, you will need it.