#office-hours (2023-11)
“Office Hours” are every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers! https://cloudposse.com/office-hours
Public “Office Hours” are held every Wednesday at 11:30 PST via Zoom. It’s open to everyone. Ask questions related to DevOps & Cloud and get answers!
https://cpco.io/slack-office-hours
Meeting password: sweetops
2023-11-01
@here office hours is starting in 30 minutes! Remember to post your questions here.
Folks are starting to analyze the impact of Hashi’s license change on contributions. https://thenewstack.io/open-source-in-numbers-the-terraform-license-change-impact-on-contribution/
The increase in pull requests after the license change might seem like a positive sign. However, the data reveals a nuanced picture.
Links from today’s office hours:
https://thehackernews.com/2023/10/urgent-new-security-flaws-discovered-in.html https://masterpoint.io/updates/terraform-null-label/ https://world.hey.com/dhh/the-price-of-managed-cloud-services-4f33d67e https://theburningmonk.com/2023/10/serverless-v4-will-start-charging-users-but-thats-a-good-thing/ https://slack.cloudposse.com/ https://sweetops.slack.com/archives/C063TG2DYTC https://github.com/hashicorp/terraform/pull/34127 https://aws.amazon.com/about-aws/whats-new/2023/10/enable-aws-systems-manager-ec2-instances-organization/ https://aws.amazon.com/about-aws/whats-new/2023/10/multi-vpc-eni-attachments/ https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Best-Practice-Alarms.html https://graphite.dev/ https://axolo.co/ https://github.com/cloudposse/terraform-null-label/tree/main#input_id_length_limit https://coralogix.com/
2023-11-02
Today, I am excited to announce that Jeli has entered an agreement to be acquired by PagerDuty.
2023-11-06
Cloud Native Computing Foundation and Linux Foundation Training and Certification today announced the new Certified Argo Project Associate (CAPA) certification. Argo Project, an open-source…
2023-11-07
Hey folks – Not sure if KCL has been brought up before or not, but one of my team members (Kevin) surfaced it recently. In looking into it, I’m interested. It has things that I’d both be excited to use and concerned about being overly complex.
Has anyone used it before in their own environments? Any strong opinions?
I could see this type of configuration language being huge for an atmos v2. I see a lot of the functionality that Atmos has built (imports, schema, etc.) as being first class in KCL, which would reduce a lot of the custom implementation burden. Would be interested to hear thoughts on that!
This page shows how to use major KCL features, from variables and operators to schemas and libraries, with the assumption that you have already known how to program in another language. KCL is mainly inspired by Python, and knowing Python is very helpful for learning KCL.
It’s a spin-out of Ant Group’s internal dev platform; it looks well designed, with lots of integrations to argo etc.
I don’t think it’s gotten much traction beyond Ant Group or China, but perhaps it will now that it was recently accepted to the CNCF sandbox.
Used by Ant, Huawei, Youzan, etc
Huawei uses this to emit Terraform HCL
https://github.com/cncf/sandbox/issues/48 https://docs.google.com/document/d/1OykvqvhSG4AxEdmDMXilrupsX2n1qCSJUWwTc3I7AOs/edit
I think one of the kcl devs has posted about it before - @Xu Pengfei
Hi, this is Peefy, one of the core maintainers of KCL. It’s great to meet you here and welcome to join our community. KCL has just become a sandbox project for CNCF and is committed to improving the configuration and policy writing experience of API layers such as Kubernetes, Terraform, etc. We will maintain KCL for a long time and improve the user experience of KCL and continuously simplify it, and we will continue to build the community’s KCL module library: https://artifacthub.io/packages/search?org=kcl&sort=relevance&page=1 . In addition, the majority of adopters and communities are actually from outside China, as you can see in GitHub discussions and issue lists. If you have any further interests or encounter any problems, please feel free to communicate with me through any channels (GitHub Discussion, Slack, etc.)
Find, install and publish Kubernetes packages
good to know, thanks!
2023-11-08
@here office hours is starting in 30 minutes! Remember to post your questions here.
Links from today’s office hours:
https://www.infoq.com/news/2023/11/aws-well-architected-framework/ https://github.com/suzuki-shunsuke/tfprovidercheck https://thenewstack.io/grafana-wants-to-help-you-avoid-getting-dinged-by-kubernetes-costs/ https://events.linuxfoundation.org/kubecon-cloudnativecon-europe/co-located-events/opentofu-day/#about https://aws.amazon.com/about-aws/whats-new/2023/11/cross-account-support-aws-global-accelerator/ https://www.hashicorp.com/blog/terraform-provider-code-generation-now-in-tech-preview https://github.com/maxgoedjen/secretive https://aws.amazon.com/about-aws/whats-new/2023/11/aws-app-runner-supports-ipv6-public-inbound-traffic/ https://aws.amazon.com/about-aws/whats-new/2023/11/amazon-cloudwatch-container-insights-enhanced-observability-eks/ https://aws.amazon.com/about-aws/whats-new/2023/11/aws-lambda-polling-scale-rate-sqs-event-source/ https://aws.amazon.com/about-aws/whats-new/2023/11/aws-codebuild-lambda-compute/ https://aws.amazon.com/blogs/aws/amazon-ec2-instance-metadata-service-imdsv2-by-default/ https://aws.amazon.com/about-aws/whats-new/2023/11/finch-generally-available-macos/ https://www.youtube.com/watch?v=nsIC7gKwGB8 https://github.com/github/roadmap/issues/833 https://cert-manager.io/docs/concepts/issuer/
2023-11-10
Have you experienced the AWS Builder Studio in NYC?
https://aws.amazon.com/executive-insights/aws-builder-studio/
AWS Builder Studio is a prototyping lab, experiential showroom, and collaboration space to help drive customer innovation by showcasing the “art of the possible” for building and prototyping on AWS.
2023-11-13
Hey everyone! Cloud Posse is 7 reviews away from becoming an AWS Advanced Partner. Big favor to ask! If you’ve found any part of our weekly “office hours” helpful, please let AWS know by leaving a review.
https://cloudposse.com/apn-review
Ah this is exciting news Erik – congrats on working your way up the totem pole in there!!
2023-11-14
Looks like Quay.io https://status.quay.io/ is having an outage where image pulls are failing. This appears to be impacting popular projects like argocd as well. Anyone here experience something similar and have a recommended solution?
Welcome to Quay.io’s home for real-time and historical data on system performance.
2023-11-15
@here office hours is starting in 30 minutes! Remember to post your questions here.
This just hit one of my security alert threads - pls share - https://www.schneier.com/blog/archives/2023/11/new-ssh-vulnerability.html
carl carver • November 15, 2023 8:18 PM
I think the summary should’ve included this paragraph too:
The countermeasure to the attacks we describe in this paper is
well known: implementations should validate signatures before
sending them. OpenSSH, the most common SSH implementation
we observed in this data, implements this countermeasure because
it uses OpenSSL to generate signatures, and OpenSSL has included
countermeasures against RSA fault attacks since 2001.
Links from today’s office hours:
https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-cloudfront-security-dashboard-a-unified-cdn-and-security-experience/ https://thenewstack.io/how-to-use-databases-inside-github-actions/ https://github.com/slalombuild/terraform-accelerator https://github.com/github/roadmap/issues/833 https://www.paloaltonetworks.com/blog/prisma-cloud/github-actions-worm-dependencies/ https://github.com/GitHubSecurityLab/actions-permissions https://status.quay.io/ https://github.blog/2023-11-08-the-state-of-open-source-and-ai/ https://partners.amazonaws.com/partners/0010L00001oAqSvQAK/Cloud%20Posse,%20LLC https://github.com/porscheofficial/terraform-aws-ecr-watch https://aws.amazon.com/blogs/aws/new-multi-account-search-in-aws-resource-explorer/ https://www.microsoft.com/en-us/power-platform/products/power-bi/ https://www.atlassian.com/git/tutorials/git-move-repository https://developer.1password.com/docs/connect/connect-api-reference/ https://github.com/onetimesecret/onetimesecret https://share.doppler.com/ https://github.com/tellerops/teller https://docs.aws.amazon.com/lambda/latest/dg/lambda-urls.html
2023-11-17
He might be back by Wednesday.
Ideally before tomorrow. It seems like talks are still on-going
See also ai
2023-11-19
2023-11-20
Terraform Cloud’s recent pricing model changes to RUM pricing are causing sticker shock for some organizations!
Hashicorp will be there for a long period but won’t perform as well as before any more
This pricing model seems too complicated to estimate the spending.
Take my words back - it is just insane.
wow, this CEO is destroying a great company
2023-11-21
2023-11-22
I’ll miss today’s call too — sorry!
Hopefully see you next week!
@here office hours is starting in 30 minutes! Remember to post your questions here.
Static checker for GitHub Actions workflow files
Links from today’s office hours:
https://aws.amazon.com/blogs/devops/introducing-amazon-codewhisperer-for-command-line/ https://aws.amazon.com/blogs/aws/introducing-amazon-cloudfront-keyvaluestore-a-low-latency-datastore-for-cloudfront-functions/ https://techcrunch.com/2023/11/20/with-functional-source-license-sentry-wants-to-grant-developers-freedom-without-harmful-free-riding/amp/ https://openai.com/blog/openai-announces-leadership-transition https://twitter.com/satyanadella/status/1726516824597258569 https://twitter.com/OpenAI/status/1727206187077370115 https://github.com/fly-apps/terraform-provider-fly/issues/254 https://community.fly.io/t/fresh-produce-volumes-endpoints-in-machines-api/14408/15 https://opentofu.org/blog/what-we-learned-while-working-on-opentofus-new-test-feature/ http://terraform-plugin-docs https://aws.amazon.com/about-aws/whats-new/2023/11/aws-glue-entity-level-actions-sensitive-data/ https://aws.amazon.com/about-aws/whats-new/2023/11/amazon-s3-server-access-logging-date-partitioning/ https://aws.amazon.com/about-aws/whats-new/2023/11/ec2-image-builder-lifecycle-management-deletion/ https://www.wiz.io/blog/key-takeaways-from-the-wiz-2023-kubernetes-security-report https://github.com/nektos/act https://github.com/rhysd/actionlint https://dagger.io/ https://megalinter.io/latest/ https://aquasecurity.github.io/trivy/v0.31.3/docs/cloud/aws/scanning/ www.checkov.io https://github.com/bridgecrewio/checkov-action
2023-11-26
2023-11-27
Anyone here using vault with a community support backend like S3? ref: https://developer.hashicorp.com/vault/docs/v1.14.x/configuration/storage/s3
The S3 storage backend is used to persist Vault’s data in an Amazon S3 bucket.
2023-11-28
A new AWS alternative to IRSA https://aws.amazon.com/blogs/aws/amazon-eks-pod-identity-simplifies-iam-permissions-for-applications-on-amazon-eks-clusters/
Starting today, you can use Amazon EKS Pod Identity to simplify your applications that access AWS services. This enhancement provides you with a seamless and easy to configure experience that lets you define required IAM permissions for your applications in Amazon Elastic Kubernetes Service (Amazon EKS) clusters so you can connect with AWS services outside […]
Curious if anyone has used Gaia https://github.com/gaia-pipeline/gaia
Build powerful pipelines in any programming language.
2023-11-29
@here office hours is starting in 30 minutes! Remember to post your questions here.
Hello Erik, is there a Zoom passcode for this meeting? It’s my first time joining, greetings from Costa Rica.
Sorry I missed your message
If you signed up at cloudposse.com/office-hours, you should receive an invitation which has the join code
Amazon Q…. With the most annoying notice that WILL NOT GO AWAY!
I was immediately disappointed.
LOOL
Links from today’s office hours:
https://www.broadcom.com/blog/broadcom-announces-successful-acquisition-of-vmware https://docs.newrelic.com/docs/security/new-relic-security/security-bulletins/security-bulletin-nr23-01-security-advisory/ https://aws.amazon.com/about-aws/whats-new/2023/11/aws-backup-restore-testing/ https://aws.amazon.com/about-aws/whats-new/2023/11/dashboard-enhancements-aws-security-hub/ https://aws.amazon.com/about-aws/whats-new/2023/11/new-finding-enrichment-aws-security-hub/ https://aws.amazon.com/about-aws/whats-new/2023/11/aws-security-hub-central-configuration/ https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_organization_conformance_pack https://aws.amazon.com/about-aws/whats-new/2023/11/amazon-managed-service-prometheus-agentless-collector-metrics-eks/ https://aws.amazon.com/about-aws/whats-new/2023/11/amazon-efs-250000-iops-per-file-system/ https://aws.amazon.com/about-aws/whats-new/2023/11/automate-aws-control-tower-zone-operations-apis/ https://aws.amazon.com/about-aws/whats-new/2023/11/aws-cloudformation-git-management-stacks/ https://aws.amazon.com/about-aws/whats-new/2023/11/aws-console-to-code-preview-generate-console-actions/ https://aws.amazon.com/about-aws/whats-new/2023/11/aws-amazon-q-preview/ https://aws.amazon.com/blogs/aws/upgrade-your-java-applications-with-amazon-q-code-transformation-preview/ https://aws.amazon.com/blogs/aws/new-amazon-s3-express-one-zone-high-performance-storage-class/ https://www.hashicorp.com/blog/terraform-delivers-launch-day-support-for-amazon-s3-express https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/securityhub_organization_configuration https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/config_organization_conformance_pack https://fireflies.ai/ https://github.com/iann0036/AWSConsoleRecorder https://aws.amazon.com/blogs/aws/improve-developer-productivity-with-generative-ai-powered-amazon-q-in-amazon-codecatalyst-preview/ 
https://aws.amazon.com/blogs/aws/mutual-authentication-for-application-load-balancer-to-reliably-verify-certificate-based-client-identities/ https://aws.amazon.com/about-aws/whats-new/2023/11/application-load-balancer-availability-target-weights/ https://aws.amazon.com/blogs/aws/mutual-authentication-for-application-load-balancer-to-reliably-verify-certificate-based-client-identities/