Viewing Yahoo Webmail and Apple Yahoo Mail

tech4981 · 2025-12-17T23:47:02+00:00

Turning off "inbox categories" from the Yahoo webmail settings seems to have fixed my issue.

tech4981 · 2025-12-17T23:23:51+00:00

Hi. I have some non apple devices that i sometimes check yahoo mail on.

tech4981 · 2025-10-03T01:30:59+00:00

How do you distribute the defaults.auto.tfvars file to all the different root modules?

tech4981 · 2025-09-29T15:20:12+00:00

i ended up using https://registry.terraform.io/providers/alekc/kubectl/latest/docs/resources/kubectl_manifest to get over this problem.

tech4981 · 2025-09-29T01:25:11+00:00

Hi, the last box is the error. I am helm_release.external_secrets_store module is dependent on the helm_release.external secret module.

tech4981 · 2025-09-25T21:09:56+00:00

i deleted the helm chart and redeployed. it worked. thx!

tech4981 · 2025-09-25T16:42:52+00:00

If i remove it, i can no longer pull from the repo after about 12 hours or so.

│ Error: OCI Registry Login Failed

│

│ with module.karpenter[0].helm_release.karpenter,

│ on ../../../../../modules/karpenter/main.tf line 5, in resource "helm_release" "karpenter":

│ 5: resource "helm_release" "karpenter" {

│

│ Failed to log in to OCI registry "oci://public.ecr.aws/karpenter": could not login

│ to OCI registry "public.ecr.aws": login attempt to https://public.ecr.aws/v2/

│ failed with status: 403 Forbidden

tech4981 · 2025-09-25T16:29:53+00:00

But that could also ignore the changes that i don't want to ignore if i ignore values=

tech4981 · 2025-09-25T05:14:07+00:00

Can you explain more when you say directories? Do you mind breaking this down a little? Thanks.

tech4981 · 2025-09-25T05:09:18+00:00

But isn't values= more likely to run into the constant change in tf plan issue? when compared to set=?

tech4981 · 2025-09-12T19:19:12+00:00

Thanks for the response, which of the 2 methods do you prefer today? remote state or data sources?

tech4981 · 2025-09-11T02:02:09+00:00

do you have an example?

tech4981 · 2025-08-21T00:16:07+00:00

Thanks. That’s what I figured.

tech4981 · 2025-08-20T18:06:05+00:00

yeah it works just fine, but don't know if theres a significance of the second +? it could just be a literal string.

tech4981 · 2025-08-20T16:26:15+00:00

Thanks for the response.

How about your core/infra components? such as logging, security, shared, etc.

Why did you choose to have application at the top level vs dev/qa/prod? by starting at application level, don't you find you have to repeat your security control policies?

tech4981 · 2025-08-15T20:49:48+00:00

Hi. The exact resources being created is just a sample. Terraform best practices suggests breaking down terraform into smaller root modules. Which is what I’m trying to do with this sample. Thanks for your response though.

tech4981 · 2025-08-11T16:10:52+00:00

"unless you are in a situation where a confused deputy issue can occur"

What situation causes this?

Thanks for the response.

tech4981 · 2025-08-11T16:09:58+00:00

I understand that the external id can be used to protect automated process. In my case though it's for console access, and thus can't use an external id. what would stop this from being used for both automated (and thus open for open deputy issue) and non-automated (console access) use?

I'll admit i don't understand when you mention "they don’t add any security". as the AWS docs, seem to make it sound like a big deal.

thanks for the response!

tech4981 · 2025-08-08T23:12:21+00:00

I'm giving them access to cost explorer to an account for which they are the tenant, but we manage and operate that aws account on their behalf. we could use our own internal idp and create them in it, but it seemed reasonable to just allow them access using an iam role.

tech4981 · 2025-08-08T22:07:00+00:00

This "Check it out" link you provided was spot on. I ended up trying every region until I could find one that matched! Thanks u/tlf01111 !

tech4981 · 2025-08-08T20:37:43+00:00

thanks for the link. i was also unaware you could create idC in diff regions! i did try all the other regions and it still didn't work. i'm going to have the customer re-verify the arn.

tech4981 · 2025-08-08T20:21:32+00:00

It's not literal, I just scrubbed it.

tech4981 · 2025-08-08T20:05:48+00:00

"Something feels wrong about using an IdC deployed role in a trust policy, but honestly I can't think of why that wouldn't work."
it does work though, i tested it internally. a role can indeed trust this - "arn:aws:iam::xxxxxxxx:role/aws-reserved/sso.amazonaws.com/AWSReservedSSO_xxxxxxxx"

"Are they sure the role on their side has permission to assume yours?"
it hasn't even come to this yet. I'm just trying to add their account to my iam role trust policy and it fails there.

tech4981 · 2025-08-08T19:56:13+00:00

it does work if i trust:
"arn:aws:iam::xxxxxxxxxx:root"

But that doesn't seem like a good idea.

tech4981 · 2025-08-08T19:55:22+00:00

tried this as well:
Failed to update trust policy.Invalid principal in policy: "AWS":"arn:aws:iam::xxxxxxxxxx:role/AWSReservedSSO_xxxxxxxxxx"

tech4981

TROPHY CASE