VirtualTam's bookmarks

1. Swift on Server 2024-06-12

   tags: cloud/aws, linux/container/docker, network/grpc, network/http, network/http/openapi, programming/swift

   [ permalink ]

   • swift-server
   • Packaging Applications for Deployment
   • swift-server/swift-openapi-lambda
   • swift-server/swift-aws-lambda-runtime
   • swift-server/swift-aws-lambda-events
   • grpc/grpc-swift
2. AWS Access Key Format 2024-02-28

   tags: cloud/aws, programming/go, programming/python, security, security/credentials, security/token

   [ permalink ]

   • AWS Security Credentials Formats
   • A short note on AWS KEY ID
   • Research Uncovers AWS Account Numbers Hidden in Access Keys
   • TruffleHog Now Detects AWS Canaries without setting them off
3. Extreme HTTP Performance Tuning: 1.2M API req/s on a 4 vCPU EC2 Instance | talawah.io 2021-05-23

   tags: cloud/aws, linux, linux/kernel, linux/kernel/ebpf, network/http, performance, programming/c

   [ permalink ]

   • https://blog.packagecloud.io/eng/2016/06/22/monitoring-tuning-linux-networking-stack-receiving-data/
   • https://blog.packagecloud.io/eng/2016/10/11/monitoring-tuning-linux-networking-stack-receiving-data-illustrated/
   • https://blog.packagecloud.io/eng/2017/02/06/monitoring-tuning-linux-networking-stack-sending-data/
   • http://www.brendangregg.com/systems-performance-2nd-edition-book.html
4. Smithy - A language for defining services and SDKs 2021-05-18

   tags: cloud/aws, programming/api, programming/code-generation, programming/java

   [ permalink ]

   • https://github.com/awslabs/smithy
   • https://awslabs.github.io/smithy/1.0/guides/index.html
5. cli53 - Command line tool for Amazon Route 53 2021-04-09

   tags: cloud/aws, command-line, network/dns

   [ permalink ]
6. Open Distro for Elasticsearch | Open Distro 2020-12-20

   tags: cloud, cloud/aws, machine-learning, observability/elastic/elasticsearch, observability/logging, observability/tracing, programming/java, security/authentication, security/authorization

   [ permalink ]

   • https://github.com/opendistro-for-elasticsearch
   • https://aws.amazon.com/blogs/aws/new-open-distro-for-elasticsearch/
   • https://opendistro.github.io/for-elasticsearch/blog/releases/2020/12/announcing-trace-analytics/
   • https://logz.io/blog/open-distro-for-elasticsearch/
7. What is "AWS Security Scanner" in my server logs? 2020-07-31

   tags: cloud/aws, network, security

   [ permalink ]

   • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html
   • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
   • https://docs.aws.amazon.com/cli/latest/reference/ec2/modify-instance-metadata-options.html
   • https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service/
   • https://aws.amazon.com/blogs/aws/new-host-based-routing-support-for-aws-application-load-balancers/
   • https://aws.amazon.com/about-aws/whats-new/2018/07/elastic-load-balancing-announces-support-for-redirects-and-fixed-responses-for-application-load-balancer/
   • https://www.reddit.com/r/aws/comments/e18e5n/botexploit_what_is_this_trying_to_do_and_how
   • https://www.reddit.com/r/aws/comments/e18e5n/botexploit_what_is_this_trying_to_do_and_how/f8qympp/
   • https://forums.aws.amazon.com/thread.jspa?threadID=316889
   • https://owasp.org/www-community/attacks/Server_Side_Request_Forgery
   • https://www.wired.com/story/capital-one-paige-thompson-case-hacking-spree/
   • https://krebsonsecurity.com/2019/08/what-we-can-learn-from-the-capital-one-hack/
   • https://krebsonsecurity.com/2019/07/capital-one-data-theft-impacts-106m-people/
   • http://www.thecloudavenue.com/2019/08/how-capital-one-hack-was-achieved-in-aws.html
   • http://www.thecloudavenue.com/2019/11/changes-to-aws-ec2-instance-metadata-service.html
8. How we abused Slack's TURN servers to gain access to internal services | Communication Breakdown 2020-04-09

   tags: cloud/aws, multimedia, network, network/webrtc, security, streaming, video

   [ permalink ]

   • https://webrtchacks.com/
   • https://www.enablesecurity.com/security-assessment/webrtc-pentest/
9. The boring technology behind a one-person Internet company 2019-12-18

   tags: audio, cloud/aws, configuration-management/ansible, framework/django, observability/datadog, podcast, programming/python, startup, virtualization/vagrant, web

   [ permalink ]
10. AWS | Enable Enhanced Networking with Elastic Network Adapters for vintage OS AMIs 2019-09-17

    tags: chroot, cloud/aws, linux, linux/debian, linux/kernel, virtualization, xen

    [ permalink ]

    Paravirtual (PV) to Hardware Virtual Machine (HVM):

    • https://stackoverflow.com/questions/24330721/amazon-ec2-how-to-convert-an-existing-pv-ami-to-hvm

    ENA support:

    • https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enhanced-networking-ena.html
    • https://forums.aws.amazon.com/thread.jspa?threadID=166135
    • https://aws.amazon.com/premiumsupport/knowledge-center/boot-error-linux-m5-c5/
    • https://bugs.centos.org/view.php?id=14107
    • https://ygrene.tech/how-to-enable-ena-support-for-aws-amis-in-5-steps-and-make-your-bamboo-remote-jobs-really-fast-f2a4254a9955

    Build Debian AMIs from scratch:

    • https://bootstrap-vz.readthedocs.io/en/master/
    • https://github.com/andsens/bootstrap-vz
    • https://www.slideshare.net/JamesBromberger/debian-cloud-building-the-debian-amis
    • https://blog.james.rcpt.to/2012/12/06/official-debian-images-on-amazon-web-services-ec2/

    Squeeze:

    • https://lists.debian.org/debian-cloud/2013/02/msg00023.html

    Wheezy:

    • https://lists.debian.org/debian-cloud/2014/10/msg00009.html
    • https://lists.debian.org/debian-cloud/2014/11/msg00000.html

    Boot to chroot:

    • https://unix.stackexchange.com/questions/85714/boot-into-a-chroot
    • https://wiki.debian.org/chroot
    • https://wiki.debian.org/Debootstrap
    • https://superuser.com/questions/384437/booting-linux-system-from-chroot-is-there-a-better-way-to-do-this/384457#384457
    • https://github.com/lemonsqueeze/boot-chroot
11. Amazon Web Services | Auto-scale bind to an elastic IP? 2019-09-09

    tags: cloud, cloud/aws, network, network/firewall, network/ip

    [ permalink ]

    Use case:

    • Set up an AutoScaling Group with exactly 1 min/max/desired instance
    • Attach an Elastic IP to the active instance

    Usually for interoperability reasons and/or IP-based network rules (80's firewall anyone?).

    • https://stackoverflow.com/questions/34849360/how-to-assign-eip-to-autoscaling-group-of-vpc-in-cloudformation-template
    • https://www.reddit.com/r/aws/comments/6k3gb2/auto_assign_eip/
12. trailscraper: A command-line tool to get valuable information out of AWS CloudTrail 2019-08-08

    tags: cloud/aws, observability/logging, programming/python, security, user

    [ permalink ]
13. AWS Tutorial: Enable Your Users to Configure Their Own Credentials and MFA Settings - Identity and Access Management 2019-08-08

    tags: cloud/aws, programming/api, security, security/authentication, security/authorization, user

    [ permalink ]

    • https://aws.amazon.com/blogs/security/how-to-delegate-management-of-multi-factor-authentication-to-aws-iam-users/
    • https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_aws_my-sec-creds-self-manage.html
    • https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
14. Comparison of NAT Instances and NAT Gateways - Amazon Virtual Private Cloud 2019-06-27

    tags: cloud, cloud/aws, network, network/router, security

    [ permalink ]

    • https://www.theguild.nl/cost-saving-with-nat-instances/
    • https://dzone.com/articles/nat-instance-vs-nat-gateway
    • https://docs.aws.amazon.com/vpc/latest/userguide/VPC_NAT_Instance.html
    • https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html
    • https://aws.amazon.com/blogs/aws/new-managed-nat-network-address-translation-gateway-for-aws/
    • https://dzone.com/articles/aws-vpc-nat-instance-failover
    • https://aws.amazon.com/articles/high-availability-for-amazon-vpc-nat-instances-an-example/
15. python-lambda: A toolkit for developing and deploying serverless Python code in AWS Lambda 2019-06-05

    tags: cloud/aws, lambda, programming/python, programming/python/virtualenv, s3

    [ permalink ]

    • https://hackersandslackers.com/improve-your-aws-lambda-workflow-with-python-lambda/
16. cloudsweeper - Monitor developer accounts for old items that might have been forgotten 2019-04-15

    tags: cleanup, cloud, cloud/aws, maintenance

    [ permalink ]
17. aws-amicleaner: Cleanup your old unused AMI and related snapshots 2019-04-15

    tags: cloud, cloud/aws, maintenance, programming/python

    [ permalink ]
18. CloudWatch GetMetricData support by mtanda · Pull Request #11624 · grafana/grafana · GitHub 2019-04-04

    tags: cloud/aws, observability, observability/grafana

    [ permalink ]

    • https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDataQuery.html
    • https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html
    • https://community.grafana.com/t/how-to-plot-the-rate-of-change-or-the-incline-of-a-line-plot/14334/6
19. Locating AWS Marketplace AMI Owner Id and Image Name for Packer Builds 2019-03-28

    tags: cloud, cloud/aws, linux, packer

    [ permalink ]
20. How can I get the size of an Amazon S3 bucket? - Server Fault 2019-03-25

    tags: bucket, cloud/aws, command-line, s3, storage

    [ permalink ]