Category: Continuous Integration
-
AWS RDS Aurora Blue/Green Deployment
Performing a blue/green deployment with RDS is a great way to validate changes and cutover while keeping the same endpoint and disrupting applications as little as possible. There are some important deployment considerations that you have to know before you create your cluster. Most of the time, teams find out about this after running a…
-
Terraform Module to Build an AMI using CodeBuild and Packer
I’ve created a terraform module that will allow you to build any AMI with a Packer configuration in a Git repository, using CodeBuild, and place the AMI ID in an SSM Parameter for use by other modules. I’ve created this module so that any AMI that I build can easily be deployed and built on…
-
Connect to GitHub from AWS CodeBuild
In order to build and deliver software in AWS using Github as the source repository, you have to setup a connection to authorize AWS to use Github. The best way is to use a GitHub App connection. AWS has some great documentation on how to do this. First, you need access to a GitHub account…
-
Packer Build: Timeout waiting for SSH
Back to basics. Building an AMI from the official Amazon Linux 2023 base AMI should be as easy as it gets. Packer 1.9.4 on Mac installed with brew. A simple build script. Nothing complicated. 80% of the time it would fail with this error: Timeout waiting for SSH. Further investigation showed that the AWS Session…
-
AccessDenied: User: is not authorized to perform: elasticloadbalancing:AddTags on resource
I recently updated a deployed helm chart’s ingress definition to add an SSL redirect on port 80 and was surprised to find that the operation also resulted in the removal of several listener rules from my ALB and a failure to update the SSL redirect. I pulled the logs from the AWS LoadBalancer Controller pods…
-
AWS LoadBalancer SSL Redirect with Bitnami Helm Chart(s)
First of all, thank you to Bitnami for providing such valuable helm charts to the community. What a great resource! Why doesn’t Bitnami support adding an SSL redirect for AWS LoadBalancing in their helm charts? I have worked with several lately where the templates baked into the helm charts will not allow the addition of…
-
AWS CLI v2 on OSX – Upgrade to latest
I was working on a project with a client where I wasn’t able to initialize a terragrunt deployment when using SSO: The version of the AWS CLI that I was using was 2.0.56. Upgrading to the latest version solved the issue (2.1.32). Be sure to login again after upgrading. Verify by running the following command:…
-
AWS Access Keys in S3 Bucket Policies
I’ve seen what appeared to be AWS Access Keys in S3 bucket policies as an AWS principal in the past. I could never figure out why this was happening and nobody appeared to be adding them. The Access Key never showed up as a valid user Access Key in a search of IAM objects either.…
-
Apache Airflow 1.10.2– Active Directory Authentication (via LDAP[s])
This basic guide assumes a functional airflow deployment, albeit without authentication, or perhaps, with LDAP authentication under the legacy UI scheme. This guide also assumes apache airflow 1.10.2, installed via pip using MySQL and Redis. The guide also assumes Amazon Linux on an EC2 instance. Pre-requisites: An Active Directory service account to use as the…
-
SSH in a for loop is a solution…
I just read an article by Jay Valentine on LinkedIn where he talks about Puppet and how they were not profitable, and also noted that Chef is not, and has never been, profitable. That got me to thinking, why are IT professionals investing in these technologies (time, knowledge, effort…). As an IT pro, it’s tempting…