Yearly Archives: 2017


Using Cross-account access (AWS Console)

Short post to demonstrate how to use AWS Cross-account access from AWS Console. To re-iterate, this is what we have set up in our previous post: First step is to log in to the aws-nz-login account as a non-privileged IAM user, e.g. as michael.ludvig in my case. In the top-right menu under [...]

By |December 10th, 2017|Best Practice|0 Comments

Cross-account access

In bigger organisations it is common to have one central AWS account with IAM User accounts and a whole lot of independent per-project or per-team accounts that are only accessible through cross-account access from this central account. The benefit is obvious - the company has a single place where they manage user accounts, credentials, passwords, permissions, etc. [...]

By |December 6th, 2017|Best Practice|1 Comment

Linux user authentication with SSSD / LDAP

Current Linux distributions can seamlessly work as members of Active Directory domains, which gives them access to the AD authentication system. However, it requires the Linux hosts to "join" the AD domain, for which one has to possess some special AD privileges. In many cases this is not viable and we may only want a [...]

By |October 17th, 2017|Best Practice|13 Comments

Let’s Encrypt certbot-auto problems on Amazon Linux

Let's Encrypt certbot-auto support for Amazon Linux is still marked as experimental and as such we occasionally encounter unexpected problems. The most recent one was introduced with certbot-auto 0.19.0. During install or upgrade from previous versions you may get an error like this: Upgrading certbot-auto 0.18.2 to 0.19.0... Replacing certbot-auto... Creating virtual environment... Installing Python [...]

By |October 8th, 2017|Best Practice|1 Comment

Using AWS Storage Gateway Virtual Tape Library in Linux

If you are around my age or younger you probably didn't have much exposure to tape backup technologies. Tapes are sooo 90's, right?! I definitely didn't expect that as an AWS Consultant I would have to learn about tapes. But I did! One of our customers wanted to use AWS Storage Gateway (SGW) in [...]

By |September 20th, 2017|Best Practice|0 Comments

Monitoring temperature with Raspberry Pi and AWS IoT

Working as a Senior AWS Consultant for one of New Zealand's leading AWS consulting providers means that I'm expected to have hands-on experience with as many AWS services as possible. In this series I will walk you through my first project that makes use of the AWS IoT service. Background In one [...]

By |July 25th, 2017|Projects|2 Comments

Joining a Linux EC2 instance to Active Directory realm

This post is not too AWS-specific; in fact the steps below should work not only on Amazon Linux but also on RedHat Linux, CentOS and Oracle Linux, and possibly on Debian and Ubuntu based distros as well. There are a number of prerequisites for a successful completion of this task. At least the following records should be [...]

By |June 6th, 2017|Best Practice|9 Comments

S3 Pre-signed URL example

S3 Pre-signed URLs can be used to provide temporary 3rd-party access to private objects in S3 buckets. For example, non-public files on a file sharing site can only be made available to the approved users with one-off URLs that expire after 10 minutes. Here we offer a simple demo for testing the concept. The demo consists of [...]

By |January 25th, 2017|Best Practice|7 Comments