• Introduction to HashiCorp Nomad

      Nomad is “a simple and flexible workload orchestrator” that is capable of running not just containers, but pretty much any workload you can build. Whilst related solutions like Kubernetes focus on containerized application hosting, Nomad has a broader reach and this might be a great selling point if your environment is more heterogeneous, or if…

    • Checking out GitHub pull requests to a local branch

      After some trial and error, here’s how I check out GitHub pull requests to a local branch with tracking. Edit .git/config, add the following line in the section for the desired remote. Ensure to add it before the existing line for remote branches, e.g. Run git fetch and see all the new remote “branches” appear.…

    • Accessing AWS Services When Remoting

      Having recently moved out of my place, where I had comparatively great Internet access supplied with static IP addresses, I’m currently working mostly tethered to my phone. It turns out that good LTE service actually works pretty well for most things – even long distance SSH – but sitting on a cellular network with a…

    • Terraform: AWS ACM Certificates for Multiple Domains

      My life got better when AWS introduced Certificate Manager, their service for issuing validated TLS certificates for consumption directly by other AWS services. You don’t get to download certificates issued by ACM to install on your own servers, but you can use them with your EC2 Load Balancers, CloudFront and some other services, alleviating the…

    • AWS Account Switching with Ansible

      I recently worked on a project involving multiple AWS accounts, with different projects and environments spread through those accounts in different combinations. Having opted to use Ansible for driving deployments, I looked at built-in capabilities for account switching. It turns out you can easily inject credentials authenticating with another IAM user, but this can only…

    • Bitwarden Review

      Having been an avid user of password managers for as long as I can remember, I was an entrenched premium customer of LastPass for several years. It served me well with its multi-platform support, reliable sync and support for quirky authentication schemes, however as time went on I encountered more and more issues, and eventually…

    • Terraform: Cross Account S3 Bucket Access Control

      Whilst auditing a set of organizational AWS accounts, I wanted to consolidate operational S3 buckets into a single account and grant access as required. It might not be immediately obvious the first time you do this, so this post is a bit of a primer on cross-account S3 access control, and implementing such with Terraform.…

    • Beyond Facts: Retrieving AWS Resource IDs

      I’m a huge fan of Ansible and I’ve made use of it in several projects to orchestrate AWS services. Ansible is designed to be simple, with most functionality contained in modules which are callable via tasks in playbooks. This has huge benefits, but also bears the major drawback of significant boilerplate when you need to…

    • Ansible Recommended Patterns

      It can be tricky to figure things out when structuring new projects. You might set out to make things as comprehensive as possible, to accommodate future expansion, but this raises the barrier to entry and can leave you in a quandary about where things should go. Or you might opt for the lean approach, making…
