Just found this out - you have to hard code '--region us-east-1` when run aws support trusted advisor relevant commands. I guess this is caused by the same reason that I explained in my previous blog IAM dependency. Here is my conclusion: whenever AWS says the service is global which does not require a region … Continue reading ‘aws support describe-trusted-advisor-checks’ is us-east-1 only?
CloudTrail bug
I found this bug in CloudTrail when working on the AWS keyWatcher project. I noticed that some CloudTrail logs do not have access key id field. Then I opened a ticket with AWS support, and they forwarded it to the CloudTrail service team. Here is the response which confirms it is a bug: Briefly speaking, … Continue reading CloudTrail bug
AWS keyWatcher
We have seen multiple times that users accidentally expose their AWS access key and secret key on Internet, e.g. GitHub. This is a really dangerous thing, as whoever get that key can do whatever you can do to your AWS account. Here are two examples, the exposed key was used by someone unknown to create … Continue reading AWS keyWatcher
AWS IAM Dependency
I did not know that there is a dependency between regions for AWS IAM service until one day when IAM had a outage, as I have never seen any relevant information in any AWS documentations. On 23/Aug Sydney time, I notice that the IAM console is not full functional when I try to make a … Continue reading AWS IAM Dependency
Akamai add basic auth to incoming request
In some cases, Akamai may need to add auth basic to incoming request before sending it to the origin. Here is how to: 1) encode the username and password in the format of username:password. It can be done either via bash script or the online tool. # echo -n username:password | base64 dXNlcm5hbWU6cGFzc3dvcmQ= https://www.base64encode.org/ 2) Add a behavior … Continue reading Akamai add basic auth to incoming request
Jackie Chen's IT Workshop 