apparent order
@apparentorder.bsky.social
The Aneristic Principle. Currently not active on this site; find me on Twitter.
Blog post: I was totally unaware that the IAM Policy for SSM Agent grants access to all Parameter Store secrets. And yesterday's poll shows that the older policies are still used a lot. tty.neveragain.de/2023/10/31/s...
AWS: On IAM Policies for the Systems Manager Agent
The AmazonSSMManagedInstanceCore IAM policy, until recently the recommended policy for the Systems Manager Agent on EC2 instances, allows retrieval of secrets stored in the Parameter Store
tty.neveragain.de
November 2, 2023 at 6:36 AM
Blog post: I was totally unaware that the IAM Policy for SSM Agent grants access to all Parameter Store secrets. And yesterday's poll shows that the older policies are still used a lot. tty.neveragain.de/2023/10/31/s...
Major update to FarSSH:
- Support IPv6
- Support running without public IPv4 address (caveats apply; see README)
- Image now published to Dockerhub too (no IPv6 support in AWS ECR)
- Client rewritten in Python
github.com/apparentorde...
- Support IPv6
- Support running without public IPv4 address (caveats apply; see README)
- Image now published to Dockerhub too (no IPv6 support in AWS ECR)
- Client rewritten in Python
github.com/apparentorde...
GitHub - apparentorder/farssh: Secure on-demand connections into AWS VPCs
Secure on-demand connections into AWS VPCs. Contribute to apparentorder/farssh development by creating an account on GitHub.
github.com
November 2, 2023 at 6:36 AM
Major update to FarSSH:
- Support IPv6
- Support running without public IPv4 address (caveats apply; see README)
- Image now published to Dockerhub too (no IPv6 support in AWS ECR)
- Client rewritten in Python
github.com/apparentorde...
- Support IPv6
- Support running without public IPv4 address (caveats apply; see README)
- Image now published to Dockerhub too (no IPv6 support in AWS ECR)
- Client rewritten in Python
github.com/apparentorde...
New blog post: An overview of the available options for ingress traffic on AWS, focused on avoiding the new public IPv4 address charges and providing IPv6 to end users tty.neveragain.de/2023/10/24/a...
AWS: Ingress Traffic: Avoiding Public IPv4 Address Charges
An overview of the available options for ingress traffic on AWS, focused on avoiding the new public IPv4 address charges and providing IPv6 to end users
tty.neveragain.de
October 24, 2023 at 11:04 AM
New blog post: An overview of the available options for ingress traffic on AWS, focused on avoiding the new public IPv4 address charges and providing IPv6 to end users tty.neveragain.de/2023/10/24/a...