Archive

Archive for the ‘Amazon Web Services’ Category

Using IAM roles on Amazon Web Services to generate temporary credentials for EC2 instances

April 27, 2017 Leave a comment

While working on a project involving Amazon Web Services, I ran across the concept of being able to use temporary credentials with AWS’s Command Line Interface (awscli) tool. When using the awscli tool, it is necessary to provide authentication credentials so that the aws tool is able to authorize its actions with AWS. When running the awscli tool on an EC 2 instance, AWS has provided a way to get temporary authentication credentials on demand, through the use of IAM roles.

In my research on the topic, I found a lot of posts showing how to use temporary credentials, but not a lot of information on how to set up the needed IAM roles. After some additional research, in addition to trial and error, I was able to figure out the IAM role setup process. For more details, see below the jump.

Read more…

Categories: Amazon Web Services, Linux

S3 server side encryption not supported with Jamf Pro cloud distribution points

April 23, 2017 Leave a comment

As part of a project I’m working on, I needed to set up a cloud distribution point for a Jamf Pro server in Amazon Web Services. AWS -hosted cloud distribution points use a bucket in Amazon’s S3 service to store the files hosted by the distribution point. To help secure the S3 bucket, I enabled S3 server-side encryption. This encryption provides data at rest protection for files stored in a S3 bucket and is managed by Amazon’s S3 service.

Once that security was enabled, I was unable to then upload either installer .pkgs or .dmgs to the S3 bucket associated with the cloud distribution point using any of the following methods:

The unusual part was that the installer would look like it would upload and appear as a valid package when viewed from the Jamf Pro web console.

Screen Shot 2017 04 23 at 12 19 02 PM

Screen Shot 2017 04 23 at 12 19 23 PM

However, if I viewed the S3 bucket from the AWS console, the actual installer files would not be present in the S3 bucket.

Encrypted CDP S3 bucket

For more details, see below the jump.

Read more…

Creating a Jamf Pro Cloud Distribution Point using Amazon Web Services

March 7, 2017 3 comments

In a number of environments, Mac admins are transitioning from hosting their Mac-supporting services in on-site datacenters to now hosting them with various cloud service providers. These service providers can include Jamf Cloud, Amazon Web Services, Akamai or Rackspace.

For Mac admins using Jamf Pro, one way to start this transition is to use a Cloud Distribution Point (CDP). This allows a Jamf Pro server to use several specific cloud services’ content delivery networks to host installers and (if applicable) in-house developed applications and eBooks.

For my own needs, I was looking into setting up a CDP on Amazon Web Services (AWS). Jamf provides some documentation on how to set a CDP up with AWS, but doesn’t provide specific guidance. After some research and testing though, I was able to figure out the process for Jamf Pro 9.97x. For more details, see below the jump.

Read more…

%d bloggers like this: