A conversation at work a few weeks ago reminded me that a lot of folk don’t have AWS CloudShell on their radar, which surprised me a little.
Continue reading “AWS CloudShell – A surprisingly neat trick”Keeping the receipts
A remarkable asset from McSweeneys: Lest We Forget The Horrors (via Kottke.org)
McSweeney’s have taken on the task of keeping a running list of all the appalling things that the Trump 2.0 administration are doing.

For me, one of the striking things about this is that during Trump 1.0, the various newspapers of record were, broadly, still monitoring and enumerating what was going on. They now appear to be largely absent (although a hat tip to The Atlantic this week).
In Europe and the UK, the media on the whole is trying to pretend that they can discuss the US administration as if it’s actions are fundamentally sane and reasoned, rather than at best randomly mad, and at worst the first steps toward full-fledged fascism.
Blithering about this on social media is cathartic, but doesn’t promote serious consideration of what we do next – it just gets lost in the clickbait, thirst traps, grifting, and tinfoil hat conspiracies.
We need voices that are perceived as reliable to be doing what McSweeney’s are doing: standing up and saying “this is very, very bad”
The Independent Life of Data
Something I frequently say, or write, is an assertion that data has a lifecycle and existence independent of the tools we use. I’ve never sat down to explore what that actually means.
Continue reading “The Independent Life of Data”Occasionally Lightsailing
I don’t know whether the creators of AWS Lightsail were thinking about solar sails or whether they just thought it was a cool name, but doing some work with Lightsail got me thinking.

No more AWS Access Keys?
It’s too common these days that I struggle to find solid stretches of time to think about things, so I tend to make progress on tech chores while I’m on holiday. This is an example…

One of the things that has been on my mind is to follow AWS best practices, and try to eliminate the use of IAM access key and secret access key pairs from my laptop. It’s a good rule of thumb from AWS, but it turns out to be rather frustratingly poorly explained how you can go about it. So, here’s what I worked out for my purposes.
Two big caveats: this solution was for my own personal use cases, and may not match yours. Also, it’s quite Mac-centric, because that’s where I work. Your mileage may vary.
Continue reading “No more AWS Access Keys?”AWS MSK + Glue – Part One
Over December 2022 I got it into my head that I wanted my teams to skill up on the combination of Kafka and a Schema Register. There’s a ton of resources on introducing the use of Kafka, and some resources on using a Schema Registry, but I was not satisfied that there were any consolidated quick-starts that experienced engineers could use as templates for building real production solutions.
Continue reading “AWS MSK + Glue – Part One”Give me a shell and a place to stand…
I was thinking yesterday “hmm, I seem to have more AWS KMS keys than I’m actually using”. But how to find them when they are scattered across regions?
AWS Cli to the rescue. A trivial bash script, and voila a list of KMS Key ARNs across my entire account:
#!/bin/bash
PROF=adm_rhook_cli
for REGION in $(aws --profile $PROF ec2 describe-regions | jq -r '.Regions[].RegionName')
do
aws --profile $PROF --region $REGION kms list-keys | jq '.Keys[].KeyArn'
done
The only complicated part was remembering how to use jq to parse JSON. The syntax for that never seems to stick in my head.
If you’re not in the habit of writing tiny shell scripts for automation — get the habit. The closer you get to the machine, the more power you have. Also — the lingua franca of Linux is ASCII text (ok, I guess technically UTF-8 now?) and getting comfortable piping results from one tool into another with appropriate text manipulation is a super power.
Zookeeper on Raspberry Pi
Ok, yeah, I probably don’t really need a Zookeeper cluster running in the house, but there are a few Raspberry Pi’s around that are mostly idle — we use them for streaming music from our various devices to the speakers in some of the rooms.
Continue reading “Zookeeper on Raspberry Pi”Thibault – with added diagrams
We heard that Thibault liked diagrams, so here are some diagrams about Thibault’s diagrams…
Some years ago my partner-in-crime (and life) and I presented an introductory workshop on Thibault, and as part of preparing for that, they drew up some flowcharts for the relationships between the “circles” in Thibault’s plates, from Chapter 5 through Chapter 8.
Continue reading “Thibault – with added diagrams”Wasabi and AWS S3 – A comparison
Wasabi is a very interesting and compelling competitor for AWS S3, but also potentially a superb collaborator.
What are Wasabi and S3 though? Stripping these services down to their barest bones, they are cloud-based, highly available and resilient object stores with effectively unlimited storage capacity. Digging a bit further, they are both key/value stores, which means that every binary object is uniquely identified by a key, in much the same way that a file on your laptop is uniquely identified by a folder path and file name.
Continue reading “Wasabi and AWS S3 – A comparison”