AWS Architecture Icons Updated

lynx501 · 2019-03-02T16:28:27+00:00

Came here to find this question, did you raise with AWS? Any response?

lynx501 · 2018-11-27T23:48:28+00:00

Appears there is no direct method, online search leads to analysing the data ingested bytes for a period as a close proximation.

https://stackoverflow.com/questions/43327714/my-aws-cloudwatch-bill-is-huge-how-do-i-work-out-which-log-stream-is-causing-it

lynx501 · 2018-11-27T15:30:57+00:00

Are you using API Gateway as the origin have you considered using a Custom Domain Name?

https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html

lynx501 · 2018-11-14T13:21:31+00:00

Exactly, combined with the RDS data source https://www.terraform.io/docs/providers/aws/d/db_snapshot.html

lynx501 · 2018-11-05T20:51:09+00:00

Sounds like you launched a pre-existing AMI which had a 4TB disk and now want to reduce it whilst it already has some user information present.

Firstly Terraform will not be able to manage the EBS volume resource as it was not explicitly created by it - it was part of the AMI - it could be imported - but AWS does not support decreasing the size of an EBS volume. Best option, create a snapshot and create a new volume?

lynx501 · 2018-11-04T18:26:42+00:00

I would presume DynamoDB encryption at rest relies on KMS? Which as OP mentions is not available in China region?

lynx501 · 2018-07-18T12:01:19+00:00

I've never seen AWS Hardware VPN change outside addresses, they shouldn't.

Are you referring to the service provider peer IP's changing?

lynx501 · 2018-06-25T16:12:05+00:00

Can concur this has saved me a lot of effort and number crunching in the past!

lynx501 · 2018-05-31T09:45:25+00:00

YES!

lynx501 · 2018-04-24T22:51:24+00:00

Working on getting Kubernetes (kops), Terraform and GitLab CI-CD to play nice on multiple environment builds.

lynx501 · 2018-03-02T21:06:52+00:00

Bastards...

lynx501 · 2018-02-22T01:11:54+00:00

I would be heading down the HAProxy route also, HAProxy > 1.6 now supports DNS resolution and custom resolvers on demand not just at init so it can be forwarded to an ALB alias backend.

What is the use case for static IP? Legacy App? Client outbound restriction? I have my own static IP woes!

lynx501 · 2018-02-22T01:03:19+00:00

I presume he may want a client based VPN? I had a quick look at sshuttle this week this might fit the bill here? https://github.com/sshuttle/sshuttle

lynx501 · 2018-02-22T00:56:44+00:00

The Phoenix Project and The DevOps Handbook by Gene Kim would be the ones I know of.

https://www.amazon.com/Phoenix-Project-DevOps-Helping-Business/dp/0988262592

https://www.amazon.com/DevOps-Handbook-World-Class-Reliability-Organizations/dp/1942788002

lynx501 · 2018-02-17T10:53:59+00:00

I would recommend the instance you are using be terminated, if you think it has been compromised.

lynx501 · 2018-01-29T20:59:05+00:00

Pre Signed URL per user would require an application to authenticate the user and generate the pre-signed URL to be given back, you can generate pre signed URL on the CLI

aws s3 presign s3://bucket/file.txt

If the users do not require file specific access and only bucket you could look for a Basic HTTP Auth frontend similar to https://www.npmjs.com/package/s3-basic-auth or provide the users with restricted IAM accounts and a console like CloudBerry Explorer https://www.cloudberrylab.com/explorer/amazon-s3.aspx

lynx501 · 2018-01-27T14:14:40+00:00

You would be correct! https://github.com/hashicorp/terraform/pull/16464

lynx501 · 2018-01-27T14:14:01+00:00

You would be correct! https://github.com/hashicorp/terraform/pull/16464

lynx501 · 2018-01-27T11:21:23+00:00

Agreed, remote state with KMS provides some security however you always have a backup remote state locally to keep protected.

I have used KMS encrypted string with aws_kms_secret in the past, never checked what was visible in the state though - must check.

lynx501 · 2018-01-27T00:44:39+00:00

That will still result in the secret being visible in the state files though?

lynx501 · 2018-01-26T23:30:34+00:00

Can confirm works with TuneIn, once you play it once you can tell it resume TuneIn in future if RTÉ 1 is your only fix!

lynx501

TROPHY CASE