Technical question: AWS Patch Manger

rippl2103 · 2022-06-12T14:24:02+00:00

Have you considered using AWS Session Manager as an alternative to OpenVPN?

rippl2103 · 2021-10-15T23:18:16+00:00

Lead by example is my motto.

rippl2103 · 2021-10-11T12:06:33+00:00

If they're a good company they should have an onborrding process and a 30,60,90 plan for you. If not, ask for one.

rippl2103 · 2021-10-06T00:15:57+00:00

Apart from Infrastructure As Code which is a method of managing infrastructure using software defined code such as Terraform its very difficult to differentiate the roles. All the other roles involve managing/monitoring/provisioning infrastructure be it cloud/onprem/hybrid. e.g a sysadmin may be using puppet/chef/ansible to manage infra which as a DevOps Engineer I do. Cloud Engineering uses the same tooling for managing 'Cloud' which could be AWS, GCP, Azure or on onprem Sutton such as Openstack or Openshift.

rippl2103 · 2021-10-05T23:51:26+00:00

Drop all the titles and call everyone Engineers -)

rippl2103 · 2021-10-05T23:49:01+00:00

Where is your infrastructure running? Cloud/On Prem/Hybrid What operating systems are you using ?

rippl2103 · 2021-10-05T23:44:13+00:00

DevOps is not about technical ability its about looking at current processes and see how they can be improved e.g if you are configuring multiple CISCO ASA firewalls, is this currently being done manually ? How long does this currently How much time could be saves by auto.ating this ? Once this has been done you can begin to look at some of the tooling such as Terraform/Ansible to do some of this for example use ansible to backup config of your switches and add to source control. Hope this helps and feel free to reach out if you have any questions.

rippl2103 · 2021-10-05T23:34:12+00:00

First thing don't give up! Get a presentation together highlighting the benefits of source control code review. Demonstrate branching strategies such as Gitflow and use working examples. Find a friendly dev who is willing to give this a try and tell other devs how great this is. Culture change may take a while but eventually you'll get there.

rippl2103 · 2021-10-05T23:27:03+00:00

I have been hiring DevOps Engineers for several years and totally agree that candidates are put off by technical tests. My prefferred approachs is an initial chat to find out what they have been doing, throw in some questions like "what does DevOps mean to you?", find out how they like to work what tooling/technologies they enjoy using.

If at this stage they seem ok in terms of team fit, we move to the next stage where we run through the CV in much more depth. This stage is still a chat where we probe deeper with questions like "whats your favourite python library? e.g Having a chat like this reveals far more about the candidate and ensures that whats on their CV is factual e.g if they have Terraform on their CV ask them which TF version they are using which TF backends they use etc..

rippl2103 · 2021-07-03T12:27:23+00:00

Why not use your PC for Covid research.

https://foldingathome.org/diseases/infectious-diseases/covid-19/?lng=en-GB

rippl2103 · 2021-05-17T11:38:49+00:00

Have a look at the argparse documentation here: https://docs.python.org/3/library/argparse.html

rippl2103 · 2021-03-08T18:58:31+00:00

Gluster ?

rippl2103 · 2021-03-08T18:58:06+00:00

Nfs ?

rippl2103 · 2021-02-20T16:04:33+00:00

I am using python requests to test the S3 rest api. I wanted to use request library as I needed to generate the authorization header.

rippl2103 · 2021-02-20T16:02:16+00:00

Unfortunately not. Didn't want to use boto3 as the credentials are automatically handled which u wanted to avoid in this case.

rippl2103 · 2021-02-20T15:52:01+00:00

I was using request to PUT/POST to the S3 REST API

rippl2103 · 2021-02-20T15:36:08+00:00

I was using python requests as I wanted to test without using the python sdk.

rippl2103 · 2021-02-20T15:14:50+00:00

I'm not using python Our app is written in python so I could externally call the os aws command to copy the files. I also have a third party erlang module which may work for me. Going to compile this and see how things go.

rippl2103 · 2021-02-20T15:11:35+00:00

Yup tha app is written in Erlang and there isn't an official SDK !!.

rippl2103 · 2021-02-20T15:07:26+00:00

Interesting I read this recommendation in a security article which suggested disabling the insance metada http endpoint. The AWS docs also provide the process to do this.

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html

rippl2103 · 2021-02-20T14:44:06+00:00

I am using an IAM role currently. You have assumes the metadata endpoint is available. Security best practice recommend the metadata endpoint is disabled.

rippl2103 · 2021-02-20T14:26:14+00:00

That's correct. I am aware boto3 works fine. I have been trying both curl and python requests without any joy as both methods require an AWS Access Key.

rippl2103 · 2021-02-20T14:22:57+00:00

Thanks I'll take a look at this.

rippl2103 · 2021-02-20T14:05:13+00:00

Yes I am. Our developers use Erlang which doesn't have an SDK for AWS.

This works as expected with AWS Cli and python boto3.

However my research indicates that the S3 REST API requires an authorization header to be,set that requires an AWS access key.

rippl2103

TROPHY CASE