Using MFA With the AWS API

Mon, Jul 3 2017 - 6 minute read

The awesome and informative Last week in AWS newsletter by Corey Quinn has been around for a few weeks now, with curated AWS announcements, tips, tools and blog posts. If you are responsible for making services run using AWS, you should definitely subscribe. At the bottom of the very first issue there is a quick tip about requiring MFA for API usage, which solves a long standing issue we have had with AWS, namely that while you could require an MFA code to log into the web console, there didn’t seem to be a similar limitation for API access, meaning that having API keys on your laptop was a potential security risk.

Read more

Chef runs from your laptop via ssh using chef-provisioning-ssh

Fri, Jun 19 2015 - 7 minute read

When comparing configuration management systems, one of the biggest selling points of ansible is how easy it is to get started in a small environment - you type up a recipe/playbook on your laptop, run ansible, and it connects via SSH to your machines to configure them. This blog post shows you how to do the same thing with chef using chef local mode, chef-provisioning and chef-provisioning-ssh. This setup can be very useful if you have just a couple of machines, don’t want to set up a chef server until you grow your infrastructure, and want to orchestrate everything from your laptop.

Read more

Python module/plugin loading pattern

Sun, Dec 29 2013 - 3 minute read

When writing a new program in python, I often find myself using the same pattern over and over, and wanted to document it here. The idea is that you have some core functionality of the program, and loadable modules to expand the functionality, with only some of the modules being loaded at runtime. These modules are single files inside a modules/ directory, contain a single Module() class (and optionally others depending on what the module needs), and some other functionality that the core of your program will use.

Read more

Time Management for Systems Administrators and todo.txt

Tue, Jun 11 2013 - 5 minute read

I’ve been reading Tom Limoncelli’s Time Management for Systems Administrators once again, and am trying out (once again, for real this time) the time management system described in the book called “the cycle”. I also use todo.txt system as one of my (several) task list tools, and decided to try to make it work with the cycle. The advantages of the todo.txt system are its simplicity, ease of adding new items (with an alias it’s simply typing t add Do something in any terminal window).

Read more

Bash prompt snippets for git, rvm, virtualenv, ssh

Mon, Jun 10 2013 - 2 minute read

The following is just a couple of snippets I have in my bash prompt to identify various environments that I’m in for rvm, git and so on. While you can usually find some way of getting this information in your prompt on the sites of the individual programs, it’s nice to have something where it’s all together. I’ve also tried to make an effort to avoid slow versions of various commands, ideally just parsing environment variables if possible.

Read more