IP address allow lists are a handy tool for restricting access to cloud resources. However, managing an allow list can be difficult if you have client devices with dynamically assigned IP addresses. This post describes how to use Tailscale’s subnet router capability to route AWS bound traffic from your Tailnet through a subnet router so it will present as coming from a single IP address.
I recently bought and assembled an ODROID H3 computer from HardKernel in South Korea. The parts were easy to buy, arrived quickly, and were fun to put together. This post details what I bought, along with a few tips if you decide to build one for yourself.
I experimented with NixOS as the base for a new Home Assistant server I’m building but ended up not using it in production because of issues with the documentation and general concerns around packaging.
I get confused with the difference between imperative and declarative configuration. This post is a quick reminder for myself with a simple Terraform example.
I’m not one to make New Year’s resolutions, but there are a number of things I’m looking forward to in 2023. Most of them are pretty nerdy…
I recently struggled with creating a phone number entry field in an Angular application that uses Material Design components. This post describes how I solved the problem and provides code that might be useful for your project.
AWS recommends organizing your cloud infrastructure using multiple accounts within an AWS Organization. This post describes some strategies that have worked well for me managing multi-account environments with a few hundred to a few thousand AWS resources.
I just learned that John Osmann has passed away. I’m sad and can think of nothing else to do but reflect on how grateful I am to have had such a joyful person to grow up with.
This post introduces the basic elements of the AWS API Gateway and demonstrates how to deploy a useful API Gateway microservice using Terraform. This service will answer the common “What is my IP?” question by providing the client’s IP address, User-Agent, and the time the request was received. All of this is achieved with just an AWS API Gateway service configured with Terraform, no Lambda functions required.
The AWS Go SDK’s V4 Signer requires Credentials. While you can create Credentials with an access key and secret, when you’re running in Lambda you should get the credentials from your function’s assumed role. The documentation doesn’t provide a clear example of how to do this, but it’s easy.
When I’m working with AWS managed services like Beanstalk, ECS, Lambda, CodePipeline, CodeBuild, or whatever, I often have difficulty remembering which roles and policies these managed services are operating under. The aws sts get-caller-identity command provides a quick solution to this problem. As the documentation says, it…
Every time I hear about a company’s critical data being left exposed on the internet, I start thinking about my S3 buckets.
I’ve been using my iPhone XS for about 3 weeks now after my hellish Google support experience. So far the transition has been mostly painless. Here’s what I’m enjoying from the hardware side of things.
I took this morning off work to take advantage of the “crummy” weather we’re having, so I could shoot some approaches in real Instrument Meteorological Conditions (IMC). The ceiling was 900’ and visibility was 3 miles in mist at San Carlos (SQL) when I was ready to depart. These were probably the lowest conditions I’ve departed in since I’ve received my instrument rating but I was confident that I could make it back to San Carlos if I had any problems during takeoff and on my way down from the city I noticed there was a sizable break in the cloud cover over SFO so that was an option as well.
For the first weekend in March, we had some amazingly clear weather last weekend. It gave me an opportunity to take some friends on a couple trips over San Francisco in what is commonly referred to as the “Bay Tour”. When I got back into flying a few years ago, I was eager to fly the Bay Tour. Unfortunately, most of the information I found online talked about how incredible the flight was rather than more practical information about what to expect as a pilot. Having now flown dozens of Bay Tours out of San Carlos (SQL), I thought it would be a good time to share my perspective and experiences.
While my flight instructor Martin and I were working with the autopilot last weekend, we also spent some time working on flying with a partial panel. This practice is intended to simulate the failure of one or more instruments on the panel. For this particular “failure,” we simulated losing the directional gyro and attitude indicator by applying round covers that obscured the instrument faces. These are gyroscopic instruments that rely on a vacuum pump to operate, so we were essentially simulating a vacuum pump failure.
When I was shopping for a plane two years ago, my goal was to get a capable IFR platform for my instrument training and eventual instrument flight. Not being an instrument rated pilot, I leaned on my friends and flight instructor for advice. The overwhelming response was “you gotta have an autopilot.”
I topped off a busy work week with a busy weekend of air work. On Saturday afternoon we departed San Carlos for Salinas to do the Localizer DME runway 31 approach, my first with a DME arc. We had practiced DME arcs the previous weekend out in the central valley well away from any significant terrain. As you can see from the approach plate, that isn’t the case with this approach.
Last Sunday’s flight was a real workout including holding patterns, DME arcs an approach to Tracy (KTCY) and Los Banos (KLSN). The biggest lesson of the day was to brief the approach before flying the approach. Martin was playing the role of air traffic control while I was under the hood. After vectoring out of San Carlos, he had me cross TRACY intersection at 3,500’ and proceed direct OMWAP for the RNAV (GPS) Rwy 26 approach.
Flying into Santa Rosa airport on an approach inspired by Charles M. Shulz
After passing my Instrument Rating Airman Knowledge Test last May, I began working through the flight training over the summer. Unfortunately work and life just got in the way but I have recently picked up the training again and will hopefully be able to complete the complete certification this time around.
My dad, Joel Dalrymple, used to love taking pictures and giving slide shows. I was really young when he would give the occasional impromptu slide show at our house but I do recall them being lively affairs.
I want the headings in my documents to have heading numbers. That way when I’m speaking to someone on the phone or via email, I can have them quickly navigate the document (e.g. “It’s in the first paragraph of section 2.2 on page 14.”). If you’re coming from Word, figuring out how to do this in Lotus Symphony isn’t necessarily easy but this lesson should show you how.
When I was going to college in Boulder, one of my favorite treats was the beer bread at the Walnut Brewery. I don’t make it back to Boulder very often so I like to make the bread here in San Francisco using our very own Anchor Steam Beer. The following is a slightly modified version of the original.
Last fall IBM introduced their Lotus Symphony product (re-introduced really). This time around Symphony is a reworked version of the Open Office suite of business applications (word processor, spreadsheet, and presentation) integrated with the Eclipse application framework. I’ve been a huge fan of Eclipse since it first appeared as a replacement for the IBM Visual Age development environment. Eclipse has since grown into a multi-purpose framework for developing cross-platform applications.
When you style your Symphony documents you should really use custom styles rather than individually styling your text. By using styles you can update the look of your document without having to go page by page making changes. A quick change of the appropriate style will propagate the change throughout your document.
Usually the Internet works great and I can get to everything I need to from wherever I may be. Sometimes, however, I find myself in a network with a firewall that blocks access to something I want. At times like those I revert to using SSH tunnels. Unfortunately (depending on how you look at it) I don’t find myself in those situations often enough to memorize the proper command syntax. Hopefully this blog entry will save me the hassle of sifting through Google results for the solution.