Archive

Archive for the ‘Amazon Web Services’ Category

Slides from the “Providing the best Mac experience possible, from the Apple CoE team with ♥” session at Jamf Nation User Conference 2018

October 24, 2018 Leave a comment

For those who wanted a copy of my Mac management talk at at Jamf Nation User Conference 2018, here are links to the slides in PDF and Keynote format.

PDF – http://tinyurl.com/JNUC2018SAPPDF

Keynote – http://tinyurl.com/JNUC2018SAPKeynote

Session videos and slides available from MacSysAdmin 2018

October 11, 2018 Leave a comment

The documentation from MacSysAdmin 2018 is available, with the session slides and videos being accessible from the link below:

http://documentation.macsysadmin.se

The video of my session is available for download from here:

I also like to thank Tycho Sjögren and Apoio AB for inviting me to speak again at this year’s MacSysAdmin.

Slides from the “Getting Started with Amazon Web Services” session at MacSysAdmin 2018

October 5, 2018 2 comments

For those who wanted a copy of my Amazon Web Services talk at at the MacSysAdmin 2018 conference, here are links to the slides in PDF and Keynote format.

PDF – http://tinyurl.com/MSA2018AWSPDF

Keynote – http://tinyurl.com/MSA2018AWSKeynote

Backing up the contents of an AWS-hosted Jamf Pro cloud distribution point to a local directory

February 15, 2018 Leave a comment

As part of removing unused packages from a Jamf Pro cloud distribution point using @shea_craig‘s Spruce tool, I needed to first make a backup of the contents of the cloud distribution point to a local directory on my Mac. That way, in case I had made an error and deleted the wrong installer package, I had a copy of the package readily available and could re-add the package back to my Jamf Pro server.

The cloud distribution point in question is hosted out in Amazon Web Services’ (AWS) S3 service, so I decided to use AWS’s awscli command line tool‘s S3 functions to run a one-way synchronization process between the cloud distribution point in S3 and my local directory. For more details, please see below the jump.

Read more…

Automating the enablement of object versioning on AWS S3 buckets

June 30, 2017 Leave a comment

As part of some work I’ve been doing with Amazon Web Services, I needed to enable object versioning on all S3 buckets in an account.

Screen Shot 2017 06 30 at 1 28 38 PM

However, I had three issues that I needed to accommodate for:

  1. There were a sufficient number of S3 buckets that enabling versioning via the S3 web console would be inconvenient.
  2. Some of the S3 buckets in the list already had object versioning enabled, while others in the list did not.
  3. I had forgotten which ones already had versioning enabled, so I’d have to check each one.

To address all three issues, I’ve written a script that uses the aws command line tool to detect which S3 buckets do not have object versioning enabled and enable it on the detected S3 buckets. For more details, see below the jump.

Read more…

Managing AWS-hosted VMs using EC2 Systems Manager

May 30, 2017 Leave a comment

I’ve been doing a lot of work recently with Linux VMs that are hosted on Amazon Web ServicesEC2 service. As part of this work, I’ve been working on two problems in parallel:

  • Enabling automation of certain management commands for the VMs
  • Securing SSH

Part of the issue was that I thought I needed to have SSH available to enable remote administration. If that was true, I also needed to secure SSH access so that I could use it and malicious third parties couldn’t. However, whatever method I chose also needed to be easily accessible to my team so that they could access the AWS-hosted VMs in case of an emergency where I wasn’t available.

I went through a few iterations of SSH solutions, including investigating multi-factor authentication and setting up SSH bastions. In the end though, I discovered a surprising solution that fixed both of my problems: AWS’s EC2 Systems Manager

Systems Manager allowed me to do the following:

  1. Manage my Linux VMs on EC2 without using SSH
  2. Block SSH access on my Linux VMs
  3. Run commands on multiple VMs at once
  4. Create a library of frequently used tasks and run those commands without needing to re-enter the scripts used to run those tasks.
  5. Not spend extra money on a management solution because AWS makes Systems Manager available at no cost to AWS customers.

For more details, please see below the jump.

Read more…

Using IAM roles on Amazon Web Services to generate temporary credentials for EC2 instances

April 27, 2017 Leave a comment

While working on a project involving Amazon Web Services, I ran across the concept of being able to use temporary credentials with AWS’s Command Line Interface (awscli) tool. When using the awscli tool, it is necessary to provide authentication credentials so that the aws tool is able to authorize its actions with AWS. When running the awscli tool on an EC 2 instance, AWS has provided a way to get temporary authentication credentials on demand, through the use of IAM roles.

In my research on the topic, I found a lot of posts showing how to use temporary credentials, but not a lot of information on how to set up the needed IAM roles. After some additional research, in addition to trial and error, I was able to figure out the IAM role setup process. For more details, see below the jump.

Read more…

Categories: Amazon Web Services, Linux
%d bloggers like this: