#office-hours (2023-04)
“Office Hours” are every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers! https://cloudposse.com/office-hours
Public “Office Hours” are held every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers!
https://cpco.io/slack-office-hours
Meeting password: sweetops
2023-04-01
![Vlad Ionescu (he/him) avatar](https://avatars.slack-edge.com/2020-10-03/1417676895681_ea45b3f22e5fea04f2fc_72.png)
Thing related to the discussion we had last week: https://github.com/toricls/aws-fargate-with-step-functions
Patterns for running Amazon ECS/AWS Fargate tasks resiliently with AWS Step Functions
2023-04-02
![kunalsingthakur avatar](https://secure.gravatar.com/avatar/d2f6aab7811813568af87f0583da6565.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0004-72.png)
Is there any video library link where we can see all office hours
![venkata.mutyala avatar](https://avatars.slack-edge.com/2022-01-10/2935964026964_e3525ee61170d7dc3198_72.png)
You can register here: cloudposse.com/office-hours Join the conversation: https://cloudposse.com/office-hours https://slack.cloudposse.com/ Find out how we c…
![kunalsingthakur avatar](https://secure.gravatar.com/avatar/d2f6aab7811813568af87f0583da6565.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0004-72.png)
If yes pls share link
![kunalsingthakur avatar](https://secure.gravatar.com/avatar/d2f6aab7811813568af87f0583da6565.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0004-72.png)
Thanks in advance
2023-04-04
2023-04-05
![Taylor Turner avatar](https://avatars.slack-edge.com/2023-04-05/5080282877889_148def6b9060bee34364_72.png)
I’m setting up an Elastic stack (Elasticsearch, Kibana) which will mainly be ingesting time-based data (via Filebeat/Metricbeat in EKS clusters); this new stack will replace an older, legacy Elastic stack (version 7.9). This is a self-hosted stack deployed as a series of AWS ASGs.
The legacy stack is only configured to use the hot tier. I’d like to set up an ILM policy for the new stack to leverage hot/warm/cold tiers.
Few questions:
- Do you have recommendations on an example ILM policy that we could start with?
- What instance types or other resources would you recommend for each data tier?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@here office hours is starting in 30 minutes! Remember to post your questions here.
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Erik Osterman (Cloud Posse) has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Vlad Ionescu has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Taylor Turner has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Linda Pham (Cloud Posse) has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Marc Slayton has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Amer Zec has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Andy Wortman has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jeremy / Nuru (Cloud Posse) has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Paul Marcelin has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Eric Berg has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jeremy Bouse has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
tyler has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Isaac M has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Fireflies.ai Notetaker has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Alex Atkinson has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
dave lundgren has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
dag viggo lokoeen has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Roy Sprague has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Andrew Thompson has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jim Park has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Michael Jenkins has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jonathan Eunice has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
David Hawthorne has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Risikat Yewande Raji has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Alejandro Calbazana has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Kris Musard has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Alejandro Calbazana has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jeremy White has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Matt Gowie has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Oskar Maria Grande has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Michael Vasilenko has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Radha Ramadoss has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Anup Dubey has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Michael Vasilenko has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Radha Ramadoss has joined Public “Office Hours”
![Linda Pham (Cloud Posse) avatar](https://avatars.slack-edge.com/2022-04-13/3374321180711_438a91ddd259ebac3590_72.jpg)
Links from today’s office hours: https://spacelift.io/blog/introducing-spacelift-self-hosted https://aws.amazon.com/about-aws/whats-new/2023/04/aws-service-catalog-terraform-open-source/ https://github.com/aws-samples/service-catalog-engine-for-terraform-os https://github.blog/2023-03-28-introducing-self-service-sboms/ https://github.com/cloudposse/terraform-aws-ec2-autoscale-group/network/dependencies https://aws.amazon.com/blogs/aws/simplify-service-to-service-connectivity-security-and-monitoring-with-amazon-vpc-lattice-now-generally-available/ https://github.com/hashicorp/terraform-provider-aws/issues/30380 https://github.com/AlexNabokikh/tfsort? https://github.com/sylwit/terraform-cleaner https://github.com/SpotOnInc/renovate-config https://github.com/alfasoftware/astra github/cloudposse/packages Promptops.com https://github.com/jerryjliu/llama_index https://github.com/marketplace/actions/gitops-automatic-versioning
![attachment image](https://spaceliftio.wpcomstaging.com/wp-content/uploads/2023/03/152.self-hosted-announcemnet.png)
We are excited to announce that now it is possible to self-host an entire, fully-functional Spacelift platform within your AWS cloud.
![attachment image](https://github.blog/wp-content/uploads/2023/03/SBOM_darkmode.png)
Developers and compliance teams get a new SBOM generation tool for cloud repositories.
![SweetOps avatar](/assets/images/custom_emojis/sweetops.png)
2023-04-06
2023-04-08
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
![attachment image](https://miro.medium.com/v2/resize:fit:804/0*Mf5evC7iT0LL4AMP.png)
Why Writing Terraform Code Is Not for Everyone: A Comprehensive Guide to Terraform’s Challenges and Limitations
![pjaudiomv avatar](https://secure.gravatar.com/avatar/40f13c8f113a13f5b9730c8cd47ec9ee.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0013-72.png)
This is horribly written
![attachment image](https://miro.medium.com/v2/resize:fit:804/0*Mf5evC7iT0LL4AMP.png)
Why Writing Terraform Code Is Not for Everyone: A Comprehensive Guide to Terraform’s Challenges and Limitations
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
![Alex Atkinson avatar](https://avatars.slack-edge.com/2022-07-20/3814291485031_7e50a52ae8b830cdc7e2_72.jpg)
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
did you guys discussed this before?
2023-04-10
2023-04-11
2023-04-12
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@here office hours is starting in 30 minutes! Remember to post your questions here.
![Vlad Ionescu (he/him) avatar](https://avatars.slack-edge.com/2020-10-03/1417676895681_ea45b3f22e5fea04f2fc_72.png)
I won’t make it today, sorry
![Vlad Ionescu (he/him) avatar](https://avatars.slack-edge.com/2020-10-03/1417676895681_ea45b3f22e5fea04f2fc_72.png)
In case you missed it, EKS just got 1.26 support https://aws.amazon.com/blogs/containers/amazon-eks-now-supports-kubernetes-version-1-26/
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Thanks!
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Erik Osterman (Cloud Posse) has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Taylor Turner has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Michael Pursifull has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Nenna Salinas has joined Public “Office Hours”
![venkata.mutyala avatar](https://avatars.slack-edge.com/2022-01-10/2935964026964_e3525ee61170d7dc3198_72.png)
When updating EKS how do you folks do it? I tried doing it via terraform and got the error below, but when i updated it manually in the AWS Console/UI it worked fine and my terraform plan was clean without changes.
When using the cloudposse modules to manage EKS how do you folks do your EKS upgrades?
module.cluster.aws_iam_role_policy_attachment.ebs_csi: Refreshing state... [id=AmazonEKS_EBS_CSI_DriverRole-2023041217083972830000000a]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
~ update in-place
<= read (data resources)
Terraform planned the following actions, but then encountered a problem:
# module.cluster.module.kubernetes.data.aws_eks_cluster_auth.eks[0] will be read during apply
# (depends on a resource or a module with changes pending)
<= data "aws_eks_cluster_auth" "eks" {
+ id = (known after apply)
+ name = "cluster"
+ token = (sensitive value)
}
# module.cluster.module.kubernetes.data.tls_certificate.cluster[0] will be read during apply
# (depends on a resource or a module with changes pending)
<= data "tls_certificate" "cluster" {
+ certificates = (known after apply)
+ id = (known after apply)
+ url = "<https://oidc.eks.us-west-2.amazonaws.com/id/190881CA4EA9C23E6847BDCA0F149F8F>"
}
# module.cluster.module.kubernetes.aws_eks_cluster.default[0] will be updated in-place
~ resource "aws_eks_cluster" "default" {
id = "cluster"
name = "cluster"
tags = {
"Attributes" = "cluster"
"Name" = "cluster"
}
~ version = "1.24" -> "1.25"
# (10 unchanged attributes hidden)
# (3 unchanged blocks hidden)
}
# module.cluster.module.kubernetes.aws_iam_openid_connect_provider.default[0] will be updated in-place
~ resource "aws_iam_openid_connect_provider" "default" {
id = "arn:aws:iam::739737747774:oidc-provider/oidc.eks.us-west-2.amazonaws.com/id/190881CA4EA9C23E6847BDCA0F149F8F"
tags = {
"Attributes" = "cluster"
"Name" = "cluster"
}
~ thumbprint_list = [
- "9e99a48a9960b14926bb7f3b02e22da2b0ab7280",
] -> (known after apply)
# (4 unchanged attributes hidden)
}
Plan: 0 to add, 2 to change, 0 to destroy.
╷
│ Error: configmaps "aws-auth" is forbidden: User "system:anonymous" cannot get resource "configmaps" in API group "" in the namespace "kube-system"
│
│ with module.cluster.module.kubernetes.kubernetes_config_map.aws_auth_ignore_changes[0],
│ on .terraform/modules/cluster.kubernetes/auth.tf line 118, in resource "kubernetes_config_map" "aws_auth_ignore_changes":
│ 118: resource "kubernetes_config_map" "aws_auth_ignore_changes" {
│
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Alex Atkinson has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Robert Jordan has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
venkata mutyala has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
David Hawthorne has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Ian Bartholomew has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Joe Caulfield has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jim Park has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Isaac M has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Ozzy has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
tyler has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Michael Jenkins has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Andrew Vitko has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
AJ Junior has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
John Mitchell has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Matt Calhoun has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Johnmary Odenigbo has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Antarr Byrd has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Allen Lyons has joined Public “Office Hours”
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![attachment image](https://miro.medium.com/v2/resize:fit:900/0*4Jw6lYQle2K1Y2mm.png)
We are now welcoming “Electrifying”. Process and considerations while upgrading EKS control-plane to version 1.26.
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jeremy White has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Adedapo Ajuwon has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Kris Musard has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
mtamsky has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Marc Slayton has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Brandon Nason has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Ozzy has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Ralf Pieper has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Ozzy has joined Public “Office Hours”
![SweetOps avatar](/assets/images/custom_emojis/sweetops.png)
![Nenna avatar](https://avatars.slack-edge.com/2023-03-01/4881731218722_e0aeb49da15306dce6fd_72.jpg)
Links from today’s office hours:
https://atmos.tools/cli/configuration/#logs https://clark.center/browse?collection=nccp&currPage=1 https://bashdb.sourceforge.net/remake/ https://www.hashicorp.com/blog/vault-secrets-operator-a-new-method-for-kubernetes-integration https://www.hashicorp.com/blog/introducing-hermes-an-open-source-document-management-system https://github.com/future-architect/tftarget https://aws.amazon.com/about-aws/whats-new/2023/04/aws-app-runner-compute-configurations/ https://aws.amazon.com/blogs/containers/amazon-eks-now-supports-kubernetes-version-1-26/ https://news.ycombinator.com/item?id=32600821 http://mynixos.com/ https://www.chezmoi.io/ https://github.com/aws-samples/eks-cluster-upgrade https://github.com/terraform-aws-modules https://github.com/vmware-archive/kubewatch https://github.com/hwchase17/langchain
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
yes @Erik Osterman (Cloud Posse) with 12 GB and 4vCpus you can definitely run atlantis in app-runner
![fiesta_parrot](/assets/images/custom_emojis/fiesta_parrot.gif)
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
I think this + a CloudFormation template would be a rad way to bootstrap GitOps for terraform
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
…requiring minimal scaffolding to get off the ground
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
cloudformation????? no no no I prefer to run a bash script with aws cli commands that that thing
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
That’s not very declarative
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
If it’s a oneliner AWS cli command I will forgive you ;)
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
lol
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
ChatGPT
AWSTemplateFormatVersion: 2010-09-09
Resources:
MyECRRepo:
Type: AWS::ECR::Repository
Properties:
RepositoryName: my-container-repo
MyAppRunnerService:
Type: AWS::AppRunner::Service
Properties:
ServiceName: my-app-runner-service
InstanceConfiguration:
InstanceRoleArn: !GetAtt MyIAMRole.Arn
InstanceType: FARGATE
SourceConfiguration:
RepositoryType: ECR
RepositoryUrl: !Sub "${AWS::AccountId}.dkr.ecr.${AWS::Region}.amazonaws.com/my-container-repo"
ImageIdentifier: 1.0
HealthCheckConfiguration:
HealthyThreshold: 1
UnhealthyThreshold: 1
Interval: 60
Path: /
Protocol: HTTP
AutoScalingConfiguration:
MinConcurrency: 1
MaxConcurrency: 2
AuthenticationConfiguration:
ConnectionArn: !Ref MySecretsManagerConnection
AccessRoleArn: !GetAtt MyIAMRole.Arn
MyAppRunnerDeployment:
Type: AWS::AppRunner::Deployment
Properties:
ServiceArn: !Ref MyAppRunnerService
DeploymentName: my-app-runner-deployment
SourceConfiguration:
CodeRepository:
RepositoryUrl: <https://github.com/my/repo.git>
SourceCodeVersion: main
InstanceConfiguration:
InstanceCount: 1
EnvironmentVariables:
◦ Name: ENV_VAR_1 ```
Value: my-value-1 ```
◦ Name: ENV_VAR_2 ```
Value: my-value-2 ``` ``` MyIAMRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement: ```
◦ Effect: Allow ```
Principal:
Service: apprunner.amazonaws.com
Action: sts:AssumeRole
Policies: ```
◦ PolicyName: MyECRPolicy ```
PolicyDocument:
Version: 2012-10-17
Statement: ```
◦ Effect: Allow ```
Action: ```
▪︎ ecr:GetAuthorizationToken
▪︎ ecr:BatchCheckLayerAvailability
▪︎ ecr:GetDownloadUrlForLayer
▪︎ ecr:BatchGetImage
▪︎ ecr:DescribeImages ```
Resource: '*' ``` ``` MySecretsManagerConnection:
Type: AWS::SecretsManager::SecretTargetAttachment
Properties:
SecretId: my-secrets-manager-secret
TargetId: !Ref MyAppRunnerService
TargetType: AWS::AppRunner::Service ```
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Grr on my phone, so that didn’t paste well
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
But to me, that’s a trivial amount of YAML
![jose.amengual avatar](https://secure.gravatar.com/avatar/32f267b819eac9e0ea6a8324b53064a0.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0024-72.png)
interesting
2023-04-13
2023-04-17
![Alex Atkinson avatar](https://avatars.slack-edge.com/2022-07-20/3814291485031_7e50a52ae8b830cdc7e2_72.jpg)
Compliance has been around for a while, but still I see folks thinking that they can “agreement” away the personal rights of their data subjects. As far as I know regulations are pretty straight forward. You collect Protected Data, you’re subject to the related laws, regardless of whether your product is “beta”. This article from Instabug suggest otherwise with statements like: “the developer disclaims any liability for data loss, damages”, and “Testing is the only purpose behind using the application and the developer disclaims any liability for data loss, damages,…”.
Is there a resource, such as a guide, that someone knows about that specifically kneecaps this line of thought? As far as I’m concerned, this shouldn’t need such elaboration, but people……… Unless I’m 100% wrong and you can easily skirt data protection regulations… But if that’s the case, why is compliance and infosec a billion dollar industry? So I’m pretty sure this isn’t the case.
2023-04-19
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@here office hours is starting in 30 minutes! Remember to post your questions here.
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Erik Osterman (Cloud Posse) has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Oliver Schoenborn has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Rizky Ramadhan has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Nenna Salinas has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Robert Jordan has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Andy Wortman has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Andrew Vitko has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jacob Hudson has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Isaac M has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jared Richards has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Opeyemi folorunsho has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Michael Holt has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Abdul Aziz Tetteh has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Michael Jenkins has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Isa Aguilar has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Michael Pursifull has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Diego Maia has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Eduardo Wohlers has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Chad Thomas has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Matt Calhoun has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
PePe Amengual has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jim C has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Kris Musard has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Abdul Aziz Tetteh has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Rizky Ramadhan has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Andrew Thompson has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Joko Sarjono has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jim Park has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Paul Marcelin has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Adedapo Ajuwon has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Austin Blythe has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Alex Atkinson has joined Public “Office Hours”
![OliverS avatar](https://avatars.slack-edge.com/2020-04-30/1107989667377_3841766be8721753183c_72.jpg)
What have you found is THE simplest way to deploy a container for a prototype application? ECS+fargate?
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Amaan Khan has joined Public “Office Hours”
![SweetOps avatar](/assets/images/custom_emojis/sweetops.png)
![Nenna avatar](https://avatars.slack-edge.com/2023-03-01/4881731218722_e0aeb49da15306dce6fd_72.jpg)
Links from today’s office hours:
https://registry.terraform.io/modules/cloudposse/amplify-app/aws/latest https://github.com/kayac/ecspresso https://github.com/cloudposse/github-action-release-label-validator https://github.com/cloudposse/github-action-release-branch-manager https://github.com/cloudposse/github-action-major-release-tagger https://www.chatpdf.com/ https://techcrunch.com/2023/04/19/atlassian-brings-an-ai-assistant-to-jira-and-confluence/amp/? https://betterprogramming.pub/iac-secrets-management-from-github-secrets-to-aws-secrets-manager-63bb4fdd5992 https://github.com/jatalocks/terracove https://aws.amazon.com/about-aws/whats-new/2023/04/amazon-efs-10-gibs-throughput/ https://github.com/dagger/dagger https://sweetops.slack.com/archives/CHDR1EWNA/p1681756391429779 https://github.com/cloudposse/terraform-aws-components
2023-04-26
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@here office hours is starting in 30 minutes! Remember to post your questions here.
![hatz avatar](https://secure.gravatar.com/avatar/5644bafd98fdf8619738ead4f51946cd.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
I don’t really have a question and I’m unable to join because of a conflict, but I’d love to bring some attention to this if people are spending some time doing community stuff. I’ve been working with igor a bit on one of the github actions and I have a PR that fixes a breaking bug I found in the latest release: https://sweetops.slack.com/archives/CQA2BH8AG/p1682523233931669
Is it possible for someone to check out PR I have open on one of the cloudposse github actions? https://github.com/cloudposse/github-action-matrix-outputs-write/pull/20
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@Linda Pham (Cloud Posse)
![emem avatar](https://avatars.slack-edge.com/2020-12-02/1551004246900_d6f2b7fd5964834308d2_72.jpg)
Influx data lunches : https://www.influxdata.com/blog/introducing-influxdb-3-0/
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Erik Osterman (Cloud Posse) has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Vlad Ionescu has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Kevin Moore has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Nenna Salinas has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Alejandro Calbazana has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Robert Jordan has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Michael Jenkins has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jonathan Eunice has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Isaac M has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Alex Atkinson has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Diego Maia has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Alejandro Calbazana has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Michael Pursifull has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
John Mitchell has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Kris Musard has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jared Richards has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jonathan Poczatek has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
PePe Amengual has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Max Lobur has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
emem u has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Charles Smith has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Adedapo Ajuwon has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Evan Pitstick has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Charles Smith has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Abdul Aziz Tetteh has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Alejandro Calbazana has joined Public “Office Hours”
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Jose Figueredo has joined Public “Office Hours”
![Vlad Ionescu (he/him) avatar](https://avatars.slack-edge.com/2020-10-03/1417676895681_ea45b3f22e5fea04f2fc_72.png)
0433 - VPC CNI Network Policy Support 0423 - Cluster Access Management 0403 - IRSAv2 0423 - Cluster updates 0458 - Karpenter Automatic Compute
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
VPC CNI Network Policy Support, will no longer need Calico
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Cluster updates → updated will become a lot easier
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Keynote from new GM of EKS project
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@Jeremy G (Cloud Posse) @Andriy Knysh (Cloud Posse)
![Zoom avatar](/assets/images/custom_emojis/zoom.png)
Michael Pursifull has joined Public “Office Hours”
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://web-gapps.pages.dev
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Compliance automation framework, focused on SOC2
![SweetOps avatar](/assets/images/custom_emojis/sweetops.png)
![Nenna avatar](https://avatars.slack-edge.com/2023-03-01/4881731218722_e0aeb49da15306dce6fd_72.jpg)
Links from today’s office hours:
https://infracopilot.io/ https://aws.amazon.com/about-aws/whats-new/2023/03/amazon-guardduty-monitors-runtime-activity-containers-eks/ https://github.com/robusta-dev/krr https://github.blog/changelog/2023-04-20-github-actions-create-and-share-your-own-deployment-protection-rules-for-safe-and-controlled-deployments/ https://github.com/tf-libsonnet/core https://www.thoughtworks.com/radar?utm_source=marketo&utm_medium=email&utm_campaign=techradar-vol28_2023-04&mkt_tok=MTk5LVFERS0yOTEAAAGLW_VMeFYc69h2Mrph2Fz21dF73QVy2VL6vkxJHEL95eBNlyOojdNoqXFgWaSuKRXyRNalW7SiQgvgM6JmbR6thye_lD1TYRVUBZAsXHDTDnYGlqc https://www.reddit.com/r/Terraform/comments/12yvukb/mac_literally_just_started_blocking_terraform/ https://github.com/stefanprodan/timoni https://atlasgo.io/blog/2023/04/21/terraform-v050 https://aws.amazon.com/about-aws/whats-new/2023/04/amazon-ec2-ubuntu-pro-subscription-model/ https://aws.amazon.com/about-aws/whats-new/2023/04/amazon-guardduty-aws-lambda/ https://www.youtube.com/watch?v=LGD52z0LxAA https://github.com/klothoplatform/klotho https://ermetic.com/solution/just-in-time/ https://github.com/bmarsh9/gapps https://github.com/strongdm/comply https://github.com/cloudposse/terraform-aws-amplify-app https://www.datacenterdynamics.com/en/news/water-leak-at-paris-global-switch-data-center-causes-fire-leads-to-outages-at-google/#<i class="em em-~~~"https://www.datacenterdynamics.com/en/news/water-leak-at-paris-global-switch-data-center-causes-fire-leads-to-outages-at-google/#:~~~ext=[…]a%20fire