AWS CloudFront Security Group for Workload Protection (Terraform)

AWS CloudFront allows you to front your application (be it on EC2 instances, a REST API, etc.) so you can provide high availability, caching and protection (with WAF) to the workload. When configuring your application, you don’t want it to be directly accessible without going through CloudFront, so you need to add some restrictions, …

Removing AWS Route Table Routes

Here’s a little oddity with AWS Route Tables within Terraform: if you want to remove all of the routes in a route table, you can’t just delete or comment them out, because Terraform then treats the table as if nothing has changed. See the below example, you comment/remove the routes, then in its place add a blank …

FYDIBOHF23SPDLT

Even after designing, deploying and supporting Microsoft Exchange servers for longer than I choose to remember, I stumbled across something I never knew before yesterday; and that was why something was named the way it was. In Exchange 2007, Microsoft decided to remove the concept of “Administrative Groups”; however, they needed to retain administrative groups …

Microsoft 365 Exchange Online Mailbox Created Before Being Created in On-Premise Exchange

So you created an Exchange Online User and Mailbox but you’re still in a hybrid configuration where you are managing Exchange mailboxes on-premise. What this means is that the on-premise Exchange Organisation has no idea that the user exists; it doesn’t appear in Exchange Admin Center and it also probably won’t appear in the GAL. …

DNS Delegation and Adding a Record – What happens when all admins have gone?

Today we had a bit of a stop and think moment with a delegated domain; it was a good thought experiment to walk through. So let’s say you have a sub-domain thing.example.com of the domain example.com. The thing.example.com has been delegated by the administrators of example.com to a 3rd party who will manage the namespace …

Upload Files (Objects) to AWS S3 without timeouts

It’s always best to use a user account authenticated via SSO (so you can have additional levels of security, e.g. MFA, on top), and to access AWS resources using a temporary Role (to provide the permissions). For most use cases e.g. interacting with the Web Console, using the CLI or performing development tasks via CloudFormation templates …

Splunk Regex for IP Addresses

Let’s say you need to examine the logs using Splunk to find invalid logins, but perhaps because of the way the logging works in your application, Splunk is not able to identify the IP address automatically. This isn’t a problem; you can use a regex. So let’s say you’re looking for the string “failed login for user …