Feeding logs from various AWS services to CloudWatch Logs is a common pattern. From Lambda logs, through ECS Task logs, to Linux /var/log/* messages forwarded by awslogs daemon, they can end up in CloudWatch. How can we monitor them - and get alerted - when something of interest gets logged? People often use Elastic Search, [...]
Sometimes it's handy to know what IP address ranges are used in different AWS Regions. You may want to whitelist access to your region AWS endpoints, or from global CloudFront location, or set up some special routing rules, or look up which region a certain IP belongs to. ip-ranges.json & filter-ip-ranges AWS publishes ip-ranges.json [...]
In the previous post I explained how to Use Cross-account access through AWS Console. Today I'll show you how to do the same in the command line using aws-cli. We've got Access and Secret keys for the Login account and want to use aws-cli to create and manage resources in the Dev account above. [...]
Short post to demonstrate how to use AWS Cross-account access from AWS Console. To re-iterate this is what we what we have set up in our previous post: First step is to login to the aws-nz-login account as an non-privileged IAM user, e.g. as michael.ludvig in my case. In the top-right menu under [...]
In bigger organisations it is common to have one central AWS account with IAM User accounts and a whole lot of independent per-project or per-team accounts that are only through cross-account access from this central account. The benefits is obvious - company has a single place where they manage user accounts, credentials, passwords, permissions, etc. [...]
Current Linux distributions can seamlessly work as members of Active Directory domains which gives them access to the AD authentication system. However it requires the Linux hosts to "join" the AD domain, for which one has to posses some special AD privileges. In many cases this is not viable and we may only want a [...]
Let's Encrypt certbot-auto support for Amazon Linux is still marked as experimental and as such we occasionally encounter unexpected problems. The most recent one was introduced with certbot-auto 0.19.0. During install or upgrade from previous versions you may get an error like this: Upgrading certbot-auto 0.18.2 to 0.19.0... Replacing certbot-auto... Creating virtual environment... Installing Python [...]
If you are of around my age or younger you probably didn't have much exposure to tape backup technologies. Tapes are sooo 90's right?! I definitely didn't expect that as an AWS Consultant I will have to learn about tapes. But I did! One of our customers wanted to use AWS Storage Gateway (SGW) in [...]
Working as a Senior AWS Consultant for one of the New Zealand's leading AWS consulting providers means that I'm expected to have a hands on experience with as many AWS services as possible. In this series I will walk you through my first project that makes use of AWS IoT service. Background In one [...]
This post is not too AWS-specific, in fact the steps below should work not only on Amazon Linux but also on RedHat Linux, CentOS and Oracle Linux and posibly on Debian and Ubuntu based distros as well. There is a number of prerequisities for a successful completion of this task. At least the following records should be [...]