The ramblings of a computer geek
AWS CloudFront allows you to front your application (be it on EC2 instances or REST API etc.) so you can provide high availability, caching and protection (with WAF) to the workload. When configuring your application, you don’t want the application to be directly accessible without using CloudFront, so therefore you need to add some restrictions, … Read more
Here’s a little oddity with AWS Route Tables within Terraform, if you want to remove all of the routes in a route table, you can’t just delete or comment them out, otherwise it treats them as if nothing has changed. See the below example, you comment/remove the routes, then in its place add a blank … Read more
Even after designing, deploying and supporting Microsoft Exchange servers for longer than I choose to remember, I stumbled across something I never knew before yesterday; and that was why something was named the way it was. In Exchange 2007, Microsoft decided to remove the concept of “Administrative Groups”, however they needed to retain administrative groups … Read more
During my learning of AWS and its deployment via Terraform, I came across an issue where my EC2 instances kept getting destroyed, even when no changes had been made to them. For example in the plan output: Notice the “# forces replacement” on the security_groups directive. Turns it it was quite a simple fix, although … Read more
So you created an Exchange Online User and Mailbox but you’re still in a hybrid configuration where you are managing Exchange mailboxes on-premise. What this means is that the on-premise Exchange Organisation has no idea that the user exists, it doesn’t appear in Exchange Admin Center and it also probably won’t appear in the GAL. … Read more
Today we had a bit of a stop and think moment with a delegated domain; it was a good thought experiment to walk though. So let’s say you have a sub-domain thing.example.com of the domain example.com. The thing.example.com has been delegated by the administrators of example.com to a 3rd party who will manage the namespace … Read more
From the AWS CLI you can easily see how big a AWS S3 Bucket, firstly login to the AWS CLI and then you can run the command:
Its always best to be using a user account authenticated via SSO (so you can have additional levels of security, e.g. MFA) on-top, and access AWS resources using a temporary Role (to provide the permissions). For most use cases e.g. interacting with the Web Console, using the CLI or performing development tasks via Cloudformation templates … Read more
We are currently going through a migration from on-premise Microsoft Exchange servers to Microsoft Exchange Online (Microsoft 365). We needed to determine what ActiveSync clients were in use to be able to provide guidance to users of what to do. So I wrote a simple script that retrieves all the mailboxes (that are enabled) and … Read more
Let’s say you’re needing to examine the logs using Splunk to find invalid logins, but perhaps the way the logging works from your application, Splunk is not able to identify the IP Address automatically. This isn’t a problem, you can use a Regex. So let’s say you’re looking for the string “failed login for user … Read more