AI based development is so cool. Two weeks ago I didn’t know what NextJS was. Today I made an app using Cursor – The AI Code Editor and Vercel in less than an hour that can list and map AWS resources in a particular account. All you have to do is provide the credentials.
You can access the app here: https://github.com/main-salman/list-and-map-aws-resources
Here is a quick video of the app in action here:
There’s more on the way!
A bunch of Crossplane/ArgoCD tutorials exist already – so why create another one? This one starts FROM SCRATCH, and takes you through all the way to creating resources on AWS.
Crossplane is not necessarily easy to get started with. But, once you get it going, it’s not much harder to use than Terraform, but with a whole lot more benefits.
If you’re new to Crossplane, these videos offer an excellent introduction. Now, are you ready to dive into the world of Crossplane?
Here is an easy couple of sets of commands to list all resources with a certain tag and delete all buckets with a certain tag. Certain beats manually deleting buckets with lots of contents. I got these little snippets from this AWS Workshop: https://workshops.aws/card/unauthorized
List resources with a certain tag:
aws resourcegroupstaggingapi get-resources --tag-filters Key=MY_TAG_KEY,Values=MY_TAG_VALUE --query 'ResourceTagMappingList[].ResourceARN'Delete buckets with a certain tag:
aws resourcegroupstaggingapi get-resources --tag-filters Key=MY_TAG_KEY,Values=MY_TAG_VALUE --query 'ResourceTagMappingList[].ResourceARN' > buckets.json
((for bucket in {0..1}; do cat buckets.json |jq -r ".[$bucket]";done) |cut -d":" -f 6) > buckets-to-delete
while read line; do aws s3 rb s3://$line --force; done < buckets-to-delete
rm buckets.json
rm buckets-to-delete
So, in this post, we are repeating what we did in the last post, and further builds on it, but, via Crossplane!
Continue reading “Automatically tag EC2 instances with OS, and install Cloudwatch Agent based on OS via Crossplane”I was surprised that a blog post doesn’t already exist (or at least I didn’t find one), so, this post covers how to automatically add a tag to EC2 instances upon creation with OS of the instance. After the below components are deployed, EC2 instances should automatically have either a os:linux or os:windows tag.
I recently passed my AWS Advanced Networking Specialty Certification (ANS). Despite having two CCIEs and a number of other cloud and networking certifications, this was a VERY tough exam, and I JUST barely passed! I walked out of the exam thinking that I failed – as I felt that I was only able to confidently answer about 60% of the answers correctly.
In retrospect, I would recommend others to first go through multiple other AWS certifications and training before attempting ANS. Specifically, I would recommend AWS Solutions Architect Associate, AWS SysOps Administrator associate and may be even AWS Solutions Architect Professional as the ANS certification, based on all the questions I got during my certification exam, expects you to have somewhat deep knowledge of a large variety of AWS services.
Continue reading “AWS Advanced Networking Specialty: Some Tips”This video shows how to deploy near-production grade HashiCorp Vault Cluster using Terraform, using Robert Debock’s Terraform repository listed below. In the next video, we’ll take it a step further, and setup three clusters, and set them up using Performance Replication and DR Replication!
Github Repository:
https://github.com/robertdebock/terraform-aws-vault
Ansible and Terraform are both amazing tools with different use cases, however, some of their use cases can overlap. For example, both Ansible and Terraform can be used to deploy and configure AWS, Azure, GCP, Cisco ACI or hundreds of other platforms. In most environments, especially mutli-cloud or hybrid environments, you could, and may be should use both tools to get best of both worlds. For example, you’d setup the Infrastructure-as-code (IAC) using Terraform, and then also use a Terraform “provisioner” to invoke an Ansible Playbook to do the required configuration.
Continue reading “Ansible vs Terraform”After recently completing the Terraform certification, I was guided by smart fellow Cloud geeks to learn Vault. One of the fun things I decided to do based on their suggestion was to deploy a Vault Dev server on AWS using Terraform.
My mentor challenged me to create the simplest possible way to deploy a Vault dev server on AWS. A couple of hours later, building on my Terraform and Vault knowledge, here is the working answer I came up with:
https://github.com/main-salman/simpleVaultDevAWSinstance
I am learning Vault using Zeal Vora’s excellent course on Udemy. His Terraform course was AMAZING – and his Vault course is amazing too. Zeal is a truly gifted instructor.
If you are also learning Vault, you may find this interesting 🙂
Obviously this is in no way meant to be used for production workloads – it’s dev instance, it’s not clustered, it’s not secured/hardened, etc. But for learning, this can be a great start – and an alternative to running the Vault dev server on your own machine.
Enjoy!
Salman Naqvi - 2xCCIE 