Advanced AMI Filtering with JMESPath

I recently had a need to do some “advanced” filtering of AMIs returned by the AWS CLI. I’d already mastered the use of the --filters parameter, which let me greatly reduce the number of AMIs returned by aws ec2 describe-images. In many cases, using filters alone got me what I needed. In one case, however, I needed to be even more selective in returning results, and this lead me to some (slightly more) complex JMESPath queries than I’d used before. I wanted to share them here for the benefit of my readers.

What I’d been using before was a command that looked something like this:

ec2 describe-images --owners 099720109477 \
--filters Name=name,Values="*ubuntu-xenial-16.04*" \
Name=virtualization-type,Values=hvm \
Name=root-device-type,Values=ebs \
Name=architecture,Values=x86_64 \
--query 'sort_by(Images,&CreationDate)[-1].ImageId'

The part after --query is a JMESPath query that sorts the results, returning only the ImageId attribute of the most recent result (sorted by creation date). In this particular case, this works just fine—it returns the most recent Ubuntu Xenial 16.04 LTS AMI.

Turning to Ubuntu Bionic 18.04, though, I found that the same query didn’t return the result I needed. In addition to the regular builds of 18.04, Canonical apparently also builds EKS Continue reading

Weekend Reads 030119

The tradeoff is that users’ credentials are then centrally stored and managed, typically protected by a single master password to unlock a password manager data store. With the rising popularity of password manager use it is safe to assume that adversarial activity will target the growing user base of these password managers. Table 1, below, outlines the number of individual users and business entities for each of the password managers we examine in this paper.

Imagine that you’re about to give a presentation in front of your entire organization. If you have ever been anxious in a situation where the stakes are high, you’ve probably received well-meaning advice: Calm down. Take deep breaths. Think positively, and you will nail this. —Barry Brownstein

“Photographs furnish evidence,” wrote Susan Sontag in On Photography. “A photograph passes for incontrovertible proof that a given thing happened.” Sontag went on to write of how photographs can misrepresent situations. But do they even have to show real objects? —Ben Sixsmith

Scammers tend to be skilled at finding the most vulnerable individuals and turning them into victims. Case in point: Researchers at Proofpoint have been tracking campaigns that prey on those looking for work. The payoff Continue reading

Stuff The Internet Says On Scalability For March 1st, 2019

Wake up! It's HighScalability time:

 

10 years of AWS architecture increasing simplicity or increasing complexity? (Michael Wittig)

 

Do you like this sort of Stuff? I'd greatly appreciate your support on Patreon. Know anyone who needs cloud? I wrote Explain the Cloud Like I'm 10 just for them. It has 39 mostly 5 star reviews. They'll learn a lot and love you forever.

 

  • 1.3 billion: npm package downloads per day; 20: honeybee communication signals used to coordinate thousands of workers; 71: average global life expectancy; 120K: max inflight SQS messages; 80%: shared code between iOS, Android, the web; 1 TB: microSD card; 20%: increase in value wind energy using ML; 64%: respondents cite optimizing cloud spend as the topvinitiative; 250: drones augmenting small military units; 35,880: record robots shipped to North American companies; 50K: aerial photos of the UK; 119%: increase in demand for AI talent; 18TB: MAMR hard drive; $20 million: Pinterest paid more than expected for AWS; 100,000: MySQL connections; 19%: all requests come from Bots, APIs, and search engine crawlers; 

  • Quotable Quotes:

Connecting RasPBX via SIP Trunk

The previous tutorial has covered RasPBX installation on Raspberry Pi 3 board. At the end of the tutorial we have tested local calls between chan_sip extensions 1010 and 1020 that are registered to RasPBX. This time we will go further and connect RasPBX with another FreePBX VOIP system via PJSIP trunk. The FreePBX is running on VirtualBox and it is in version 14 with Asterisk 13. As the last step of the tutorial, we will test VOIP calls  between RasPBX with FreePBX that are interconnected by PJSIP trunk.

As we have mentioned, a complete RasPBX and Zoiper softphones installation and configuration is covered in a previous tutorial (except the SIP trunk).  Also, the tutorial does not cover installation of FreePBX on VirtualBox VM. So far, our inventory contains RasPBX and FreePBX with the following components.

RasPBX - Asterisk on Raspberry PI board:
- Asterisk 13.22.0
- FreeBPX 14.0.3.13
- Zoiper softphone on Ubuntu 18.0.4, IP 172.17.100.2/16, ext. 1010
- Zoiper softphone on Android 5.1, IP 172.17.100.5/16, ext. 1020

FreePBX - Installed  on VirtualBox VM
- Asterisk 13.19.1
- FreeBPX 14.0.3.13
Continue reading

Deploying Workers with GitHub Actions + Serverless

Deploying Workers with GitHub Actions + Serverless

If you weren’t aware, Cloudflare Workers, our serverless programming platform, allows you to deploy code onto our 165 data centers around the world.

Want to automatically deploy Workers directly from a GitHub repository? Now you can with our official GitHub Action. This Action is an extension of our existing integration with the Serverless Framework. It runs in a containerized GitHub environment and automatically deploys your Worker to Cloudflare. We chose to utilize the Serverless Framework within our GitHub Action to raise awareness of their awesome work and to enable even more serverless applications to be built with Cloudflare Workers. This Action can be used to deploy individual Worker scripts as well; the Serverless Framework is being used in the background as the deployment mechanism.

Before going into the details, we’ll quickly go over what GitHub Actions are.

GitHub Actions

GitHub Actions allow you to trigger commands in reaction to GitHub events. These commands run in containers and can receive environment variables. Actions could trigger build, test, or deployment commands across a variety of providers. They can also be linked and run sequentially (i.e. ‘if the build passes, deploy the app’). Similar to many CI/CD tools, these commands run Continue reading

The Open Compute Project is quickly gaining ground

Eight years ago, Facebook launched the Open Compute Project (OCP), an open-source hardware initiative to design the most energy-efficient server gear for massive, hyperscale data centers. The promise was flexibility of hardware and software and designs for greater power efficiency.Very quickly, Intel, Rackspace, Goldman Sachs and Sun Microsystems' co-founder Andy Bechtolsheim joined with Facebook to launch the OCP project, with Microsoft joining in 2014.The project has hummed along quietly with no sales figures until now, thanks to supply chain market research specialists IHS Markit. It surveyed both Facebook, Microsoft, and Rackspace, as founding partners, and looked at sales to customers beyond those three.To read this article in full, please click here

The Open Compute Project is quickly gaining ground

Eight years ago, Facebook launched the Open Compute Project (OCP), an open-source hardware initiative to design the most energy-efficient server gear for massive, hyperscale data centers. The promise was flexibility of hardware and software and designs for greater power efficiency.Very quickly, Intel, Rackspace, Goldman Sachs and Sun Microsystems' co-founder Andy Bechtolsheim joined with Facebook to launch the OCP project, with Microsoft joining in 2014.The project has hummed along quietly with no sales figures until now, thanks to supply chain market research specialists IHS Markit. It surveyed both Facebook, Microsoft, and Rackspace, as founding partners, and looked at sales to customers beyond those three.To read this article in full, please click here

Technology Short Take 111

Welcome to Technology Short Take #111! I’m a couple weeks late on this one; wanted to publish it earlier but work has been keeping me busy (lots and lots of interest in Kubernetes and cloud-native technologies out there!). In any event, here you are—I hope you find something useful for you!

Networking

Servers/Hardware

New Firewall Tab and Analytics

New Firewall Tab and Analytics

At Cloudflare, one of our top priorities is to make our products and services intuitive so that we can enable customers to accelerate and protect their Internet properties. We're excited to launch two improvements designed to make our Firewall easier to use and more accessible, and helping our customers better manage and visualize their threat-related data.

New Firewall Tabs for ease of access

We have re-organised our features into meaningful pages: Events, Firewall Rules, Managed Rules, Tools, and Settings. Our customers will see an Overview tab, which contains our new Firewall Analytics, detailed below.

New Firewall Tab and Analytics

All the features you know and love are still available, and can be found in one of the four new tabs. Here is a breakdown of their new locations.

Feature New Location
Firewall Event Log Events (Overview for Enterprise only)
Firewall Rules Firewall Rules
Web Application Firewall Managed Ruleset
IP Access Rules (IP Firewall Tools
Rate Limiting Tools
User Agent Blocking Tools
Zone Lockdown Tools
Browser Integrity Check Settings
Challenge Passage Settings
Privacy Pass Settings
Security Level Settings

If the new sub navigation has not appeared, you may need to re-login to the dashboard or clear your browser’s cookies.

New Firewall Analytics for analysing events and Continue reading

1 1,297 1,298 1,299 1,300 1,301 3,841