Scott's Weblog The weblog of an IT pro focusing on cloud computing, Kubernetes, Linux, containers, and networking

Technology Short Take 140

Welcome to Technology Short Take #140! It’s hard to believe it’s already the start of May 2021—my how time flies! In this Technology Short Take, I’ve gathered some links for you covering topics like Azure and AWS networking, moving from macOS to Linux (and back again), and more. Let’s jump right into the content!

Networking

Servers/Hardware

Security

  • Peyton Smith and Mitchell Moser share seven common Microsoft Active Directory misconfigurations that adversaries tend to abuse.
  • Paulos Yibelo describes exploiting macOS with a text file.
  • The folks at Netskope have a pair of blog posts on GCP OAuth token hijacking in Google Cloud (part 1, part 2). These are older posts, from August 2020, and I honestly don’t know if the vulnerability still exists (or if it has been patched). If you’re a Google Cloud user, this may be worth a closer examination to make sure your accounts are safe.
  • Most of this was beyond my comprehension, but I found the tale fascinating to read nevertheless.

Cloud Computing/Cloud Management

  • Stefan Büringer talks about optimizing Open Policy Agent (OPA)-based Kubernetes authorization. Note that this is a slightly older post (about 2 years old), so some of it may no longer apply to the latest versions of OPA and Gatekeeper.
  • This post by “xssfox” takes an interesting (to me) look at a security hole created through the use of an automated code pipeline deploying to a production website.
  • I’ve noted several pundits/experts who have noted the transformational nature of AWS Lambda, and the impact it is having/will have on AWS and its offerings. The introduction of S3 Object Lambda is just the latest example, it seems.
  • Chris Evans examines the pricing of virtual instances compared to managed service offerings as he ponders how hyper-scalers like AWS, Azure, and Google will go about/are going about optimizing service density (i.e., maximizing revenue per hardware instance). It’s an interesting observation, for sure (at least, it’s interesting to me).
  • Marco Lancini discusses security logging in AWS environments.
  • Pulumi recently released version 3; get more details on the latest release in this blog post.

Operating Systems/Applications

  • Justin Garrison shares some thoughts on whiteboarding software (and hardware).
  • Here is a reminder why time synchronization remains important.
  • Carlos Fenollosa has a series of articles describing his attempt to move to Linux from macOS, and why he came back. Part 3 of the series, found here, describes some of the challenges with desktop Linux and why, in his words, “the grass is not greener on the other side.”
  • Paddy Kelly shows how to filter JSON data in Ansible using json_query.
  • Ivan Pepelnjak’s mention of Network to Code’s Schema Enforcer tool sent me down the rabbit hole of JSON Schema and validation. Don’t be surprised if you see a blog post on this topic pop up soon.
  • If you’re new to vim, this post may be helpful.

Programming

Storage

Virtualization

  • William Lam outlines some enhancements for USB NIC-only installations that appeared in ESXi 7.0 Update 2.

Career/Soft Skills

That’s all for now! I hope that I have shared something useful with you. If you have feedback, or if you just want to say hi, feel free to hit me on Twitter, or find me on one of the various Slack communities I frequent. Have a great weekend!
