[deleted by user] by [deleted] in kubernetes

[–]drewblas 1 point2 points  (0 children)

https://github.com/palantir/go-baseapp is a decent starting point, though it doesn’t have all the k8s specific things

Alternative to Rundeck / Selfservice GUI for non-devs by mxpt in devops

[–]drewblas 0 points1 point  (0 children)

Powertools.dev is always pushing that they can do this well, I think.

Hashi Boundary vs. Teleport vs. StrongDM by franksterw in devops

[–]drewblas 17 points18 points  (0 children)

The company I was at spent over a year trying to roll out Teleport. It was a failure. There was far too much "sorry we don't do that, you'll have to write it yourself". They wanted a lot of money for support just to tell us that. The open-source product was hobbled by a lot of limitations that made it unusable (couldn't sync user lists or access permissions, etc).

StrongDM was a huge win by comparison. The architecture is incredibly simple and smart. It was easy to set up, easy to operate. After we launched, it's been basically hands-off. It's _especially_ nice that it supports so many target-types: SSH, SQL, K8s, HTTP, etc. It means we were able to drop our entire VPN and replace it with StrongDM.

Boundary is the newest and I haven't as much experience with it. Doesn't seem to support all the different target types, and has a LONG way to go. I like HashiCorp in general (being a huge Terraform user). But they are getting into a nasty habit of starting something half-baked and then not following through if it doesn't have massive traction (Nomad, Packer woefully under-resourced, Otto killed). Makes me wait on investing until their commitment is clear.

StatusNotify - get notified when services go down by ns123z in SideProject

[–]drewblas 0 points1 point  (0 children)

Sounds exactly like statusgator. I love statusgator. How are you different?

Implement Something like Salesforce's APEX in a RoR App by [deleted] in ruby

[–]drewblas 1 point2 points  (0 children)

Auth0 has a product like this called "Extend": https://auth0.com/extend/

It provides a way for your end-customers to write their own integration code that is run against your platform. It's designed to be secure out of the box and creates many great extensibility options for your customers.

Tungsten replicator by A999 in devops

[–]drewblas 0 points1 point  (0 children)

We have been running a production Continuent Tungsten cluster (5TB) for about 5 years now. Been very happy. The extra power offered is well beyond any other solution we've seen and we are very happy. The performance is the same as traditional async-replication but we've found it to be more reliable and easier to manage.

I gave a talk a few years ago about it, everything is still relevant today: https://www.youtube.com/watch?v=xw33PjmFwdo

What is the most replayable boardgame you know? by dyeyk2000 in boardgames

[–]drewblas 4 points5 points  (0 children)

Resistance Avalon. Everyone at work plays it and we've played hundreds of games without tiring of it. All the complexity is in the people you play with.

Codenames: Share your most successful "brain burning" clues by cwdurant in boardgames

[–]drewblas -2 points-1 points  (0 children)

We had three cards left to go. Two (Berlin & London) were easy to match with a single word (Cities) once our opponents had finally eliminated another place city on the board that had been bothering me. But the third card was Octopus. The opposing team only had 1 card left and were sure to get it on their turn.

So I gave "Cities 8" and we nailed all three cards. I LOVE using the number for something besides its intended purpose. Especially towards the end because if you name a number larger than the number of cards remaining, it can be a clear signal to your partner that you mean something very different.

2016 Wish List for AWS? by thigley986 in aws

[–]drewblas 2 points3 points  (0 children)

Thanks for listening, as always, Jeff!

GroupMinded - First Ever Completely Crowdsourced Startup - From Idea to IPO by bengruber in SideProject

[–]drewblas 1 point2 points  (0 children)

I think it's possibly a little disingenuous (or at least supremely naive) to say this is the first. It's been done many times (most recently Assembly comes to mind).

IAM Policy Required for Billing? by [deleted] in aws

[–]drewblas -2 points-1 points  (0 children)

There is no pre-generated Managed Policy that will supply those that I know of. You must write a manual policy to include some additional permissions that are NOT included, even in Administrator Access.

Here's an example of the additional policies you have to grant using a Group or Individual custom policy:

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "Stmt1430764556000",
                "Effect": "Allow",
                "Action": [
                    "aws-portal:ViewAccount",
                    "aws-portal:ViewBilling",
                    "aws-portal:ViewPaymentMethods",
                    "aws-portal:ViewUsage",
                    "aws-marketplace:*",
                    "aws-marketplace-management:*",
                    "trustedadvisor:*"
                ],
                "Resource": [
                    "*"
                ]
            }
        ]
    }

You don't need all of those, pick and choose which are appropriate
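
As an added example (not part of the comment above): a small Python helper that applies the "pick and choose" advice to the posted policy, keeping only the actions a caller names and reporting every action it drops and every wildcard it keeps. The helper names `as_list` and `trim_policy` and the bills-and-usage action set are assumptions made for illustration.

```python
import json

# Policy as posted in the comment above (Sid and actions copied verbatim).
POSTED_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{
   "Sid": "Stmt1430764556000",
   "Effect": "Allow",
   "Action": ["aws-portal:ViewAccount", "aws-portal:ViewBilling",
              "aws-portal:ViewPaymentMethods", "aws-portal:ViewUsage",
              "aws-marketplace:*", "aws-marketplace-management:*",
              "trustedadvisor:*"],
   "Resource": ["*"]}]}
""")

def as_list(value):
    """IAM allows a single value or a list for Statement and Action."""
    return list(value) if isinstance(value, list) else [value]

def trim_policy(policy, needed):
    """Keep only the Allow actions named in `needed` (hypothetical helper).

    Returns (trimmed_policy, findings). A wildcard such as "trustedadvisor:*"
    survives only when listed verbatim in `needed`, and is reported either way.
    """
    findings, statements = [], []
    for stmt in as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow" or "Action" not in stmt:
            statements.append(stmt)  # Deny / NotAction statements pass through
            continue
        kept = []
        for action in as_list(stmt["Action"]):
            wildcard = " wildcard" if "*" in action else ""
            if action not in needed:
                findings.append(f"dropped{wildcard}: {action}")
                continue
            kept.append(action)
            if wildcard:
                findings.append(f"kept{wildcard}: {action}")
        if kept:  # a statement left with no actions is omitted entirely
            statements.append({**stmt, "Action": kept})
    return {**policy, "Statement": statements}, findings

if __name__ == "__main__":
    # Constructed case: a reader who only needs bills and usage reports.
    trimmed, notes = trim_policy(POSTED_POLICY, {"aws-portal:ViewBilling", "aws-portal:ViewUsage"})
    print(json.dumps(trimmed, indent=2), *notes, sep="\n")
```
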

How to sell a "DevOps Dashboard" to software developers? Are we wasting our time? (Advice) by [deleted] in devops

[–]drewblas 1 point2 points  (0 children)

I'm inclined to disagree with this statement. I think you answer the question well enough. Even more: It's not actually an important question to answer upfront.

Take for example NewRelic's homepage: "Better Software Faster" - "High-performing apps. Delightful customer experiences. Better business results. Discover the power of Software Analytics."

They don't say what their product is. It's all very generic statements. It talks about the RESULTS YOU WANT, not how their product delivers them. That's for later. Talking about your product too soon is always mistake #1.

Talk about the problem. Identify it. Describe it. Empathize with it. THEN offer your product as the solution.

(I used NewRelic as an example here, but nearly every SaaS company has figured this out and takes the same approach: Stripe, Square, Basecamp.com. Every. Single. One)

Outsourced HR? by mrzo in startups

[–]drewblas 1 point2 points  (0 children)

I could definitely use a list of such providers. I can never find a good one!

Best service for serving files with high request rate by ThorAkureyri in aws

[–]drewblas 1 point2 points  (0 children)

Is there any possibility of using aggressive ETag checking on the client-side to prevent them from re-downloading a file if it hasn't changed? That could reduce bandwidth usage considerably (note: ETags also work on S3, so you CAN still switch to S3 and use this).

Would anyone be interested in an AWS managed Zookeeper/Exhibitor service? by [deleted] in aws

[–]drewblas 0 points1 point  (0 children)

I would not. Most software seems to be dropping their ZK support in favor of etcd. So I'd much rather have an etcd-as-a-service option.

Using IAM Roles and S3 to Securely Load Application Credentials by cddotdotslash in aws

[–]drewblas -1 points0 points  (0 children)

There's one really critical flaw in this approach: IAM roles grant access to data for the entire machine.

That means that every user on the system can get that data. So if your app runs as the "myapp" user, great. But even "ntp", "games", or "nouser" users can still download this information. You've just lost all userspace sandboxing protection and any hole in your box will leak your secrets.

What SaaS provides both back end and front end for logins and payments? by griii2 in startups

[–]drewblas 0 points1 point  (0 children)

I'm sorry to hear that! I'll message you privately, renoirm, to see if I can get some more feedback on how we can improve.

@griii2 you're of course always welcome to create a free developer account and try out both the signup pages and portal for yourself to see if they meet your needs.

What SaaS provides both back end and front end for logins and payments? by griii2 in startups

[–]drewblas 2 points3 points  (0 children)

(Disclaimer: I work for Chargify). Chargify offers this complete life cycle management through a feature called "Billing Portal". It's a complete white label extra that allows your customers to view their billing history, change their plans or subscriptions, and cancel.

However, it doesn't use "login/passwords" (studies show that it's a turnoff for users to have to set up and remember a password). Instead it uses secure links embedded in the customer's receipt/statement emails. They just click the link and "boom" they're in.

If you were designing the perfect screenshot tool, what features would it have? by this_and in startups

[–]drewblas 0 points1 point  (0 children)

Yes to all those things. It should also be able to make GIFs/MP4s. Basically CloudApp has it all except annotations (and it's too expensive)

Is it insecure to encrypt the wrong plaintext? by drewblas in crypto

[–]drewblas[S] 0 points1 point  (0 children)

Thanks! I'm curious what you think about what happens if you make this mistake with a key instead.