Monday, February 17, 2020

Guide for AWS Cloud Security, Governance, and Compliance

A really good collection to learn and understand basic of AWS Cloud Security, Governance, and Compliance


Could not switch roles using the provided information. Please check your settings and try again. If you continue to have problems, contact your administrator.

Could not switch roles using the provided information. Please check your settings and try again. If you continue to have problems, contact your administrator.


If you get this error than there is a big probability the user has no permission to assume a role. Add a new policy to user to allow assuming roles. check the below article:


if it doesn't work leave a comment. 



Sunday, February 16, 2020

ECS Fargate ERROR : CannotPullContainerError: Error response from daemon

Last week i was asked to look into an issue faced by the team working on a service deployed in ECS Fargate

ERROR

CannotPullContainerError: Error response from daemon: Get https://xxxxxxxxxxxx.dkr.ecr.us-east-x.amazonaws.com/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)



Details:
The container service was failing to provision and stopping with the above error.


Possible Reasons:
The error indicated that the container is failing during "Pull" event and in this case, the only pull request which is configured is for the docker image maintained in ECS registry. 

Most of the times such issue occurs due to lack of access and this case was no different.. There are two possible ares to look at for enabling Fargate resource deployed in private subnet to pull image from ECS registry


  • If task is launched without an public IP, its it required to configure route table on the subnet with has "0.0.0.0/0" going to a NAT Gateway or NAT instance . This is to ensure it can connect to internet. If task is launched with an public IP, configure route table on the subnet to have "0.0.0.0/0" going to an internet gateway to ensure traffic can flow in.


  • Ensure the security groups for the Task allows for outbound access. 

if internet  access is a concern than another option is to deploy registry inside VPC.
Here is link for one of the option 






Thursday, January 23, 2020

OAUTH 2.0 in less than 5 min

As you had requested, here is a short video on OAUTH 2.0. More to come stay tuned.






Wednesday, January 08, 2020

GITLAB commands - High Frequency

I always notice the developers struggling to get the command line right for GIT. I was planning to put together list of frequently used command  but came across cheatsheet put by GitLab

https://about.gitlab.com/images/press/git-cheat-sheet.pdf

If you feel there are more which is good to have handy, just write a comment.

Happy Versioning!!!

Tuesday, January 07, 2020

T and Z in DateTime like 2009-08-28T23:55:16.000Z

A very simple question for a person who codes(hopefully) but for business users this can be very confusing.

What do you mean by below DateTime

2009-08-28T23:55:16.000Z

Lets explain this 

ISO 8601 (The International Standard for the representation of dates and times)
states the following definition

The "T" corresponds to Time of the date(Duhh... no brainer)  and "Z"  is special UTC designator

So the DateTime  2009-08-28T23:55:16.000Z states

Date as 2009-08-28
Time as 23:55:16.000
"Z" stands for UTC

The above time can be also be represnted in EST as
2009-08-28T23:55:16-05:00 (EST) where  -05:00 is Timezone offset


Happy coding!!!

- Metahat


Guide for AWS Cloud Security, Governance, and Compliance

A really good collection to learn and understand basic of  AWS Cloud Security, Governance, and Compliance https://d1.awsstatic.com/tra...