27 Feb 2019 - about 1 min to read
I recently posted an entry announcing www.aws-glossary.info. In this post I want to cover how it actually works.
The logical diagram below details the basic structure of the application. The core components are;
|Github||Static content stored in github|
|CodePipeline||On commit to the master branch of the github repo - UI components deployed to S3|
|S3||Static content for the application is stored in an S3 bucket configured for website hosting|
|CloudFront||Edge location storage, but more importantly, facilitates SSL|
|Route53||Hosted zone for the aws-glossary.info domain - points to the CloudFront distribution|
|Lambda||Python lambda function to get the latest documentation data and store in a neat JSON file|
|CloudWatch Events||Used to trigger the lambda function|
The user interface is using KnockoutJS to bind all the components together to dynamically filter the data downloaded in the service JSON file. KnockoutJS allows you to tag components as observable; for example, as you update the search text box, the collection behind the table is filtered appropriately.
Finally, for ease (and because I’m no good a UI design), I’ve used Bootstrap 4.0 to make the look and feel slick but easy for me.
21 Feb 2019 - about 1 min to read
Yesterday I created a scraper for the AWS documentation landing page to give an aws glossary of all of the services that have available documentation.
Originally I posted it as a page in this site, I’ve now moved it to https://www.aws-glossary.info
16 Feb 2019 - about 1 min to read
This morning I was trying to solve an issue where http://owenrumney.co.uk has an SSL error when trying to access my blog but https://www.owenrumney.co.uk is fine! (its still not resolved).
As I was poking around in my github account I looked at what I had done over the years… taking me back to 2012 when I originally opened my account.
The first project was an implementation of the LightsOut game written in NodeJS. Since I’ve never had a contract where I’ve been doing Node I can only assume i was writing this to learn Express/NodeJS etc.
The game is simple, click on the lights till they all go out, but when you click a cell, the state of the horizontal and vertical adjacent cells toggle their state.
Even a cursory look at the code has highlighted that it isn’t great, but my thoughts are more about how great it is to have Github and source control systems as a whole. Over the years, my laptops have been changed, flattened, stolen and lost, yet all I needed was a
git clone email@example.com:owenrumney/Lightsout.git and I was able to run (confession, I also had to install node) my inagural GitHub contribution.
‘Int Git Brilliant!!!
(Another confession - it seems you just need to click the middle cell of the lights on start to win the game in a single click - so more work needed ;) )
28 Jan 2019 - about 2 mins to read
We have just replaced our aging Canon MX885 Multi Function printer with a new colour Laser printer, an HP M281fdw multi function. One of the scanning options is to “Scan to Email”. This is something I’ve found really useful in my current clients office.
What’s the issue then?
The issue I found setting up this functionality is that I need to configure the printer to relay through an SMTP server to send the messages to me. This is a pain and I didn’t want to have to stand up a simple SMTP server here just so I could use this feature.
My next thought was to try and use
smtp.gmail.com. Even with the usual port and authenticating using my emails creds this still didn’t work properly so I figured why not make use of Amazon’s Simple Email Service. It’s simple, reliable and you can relay through it.
Setting it up
The following steps should get you working - the key sticking points are making sure that you’ve verified that you can send to the email address you’re configuring.
Verifying the Email Address
First things first is to log into the AWS Console and navigate to
Simple Email Service.
Identity Management select
Email Addresses then click the
Verify a New Email Address button.
This will being up the dialog where you can specify the email you want to approve.
Once you’ve submitted this, you’ll get an email to the specified address which you need to validate by clicking the link in the email. You should then see the email verified as below;
Creating the SMTP credentials
The next thing you need to do is create some credentials with which to relay through the SMTP server with. Clicking on
SMTP Settings under the
Email Sending section will show you the details - as below;
Click on the
Create My SMTP Credentials button and either accept the IAM user name or change to something more appropriate
Create will generate the new credentials for the IAM user which you can download and make a note of.
Configuring the Printer
Finally, we can update the configuration in the printer. In my case, the screen looks something like this.
Last step is to do a test scan and make sure it gets routed through your email.
23 Jan 2019 - about 2 mins to read
NOTE: Creating a keytab file is easy enough but I have to refresh myself each time so I thought I would document it in a blog post.
I’m assuming for anyone who is doing this that you have your
/etc/krb5.conf in order and that isn’t going to get in your way.
One thing you’re going to want to know is what your permitted and default
enctypes and the realm are from this file. In my case I’m going to use
aes128-cts-hmac-sha1-96 and my realm is
Creating the keytab file
To create the keytab file you’re going to need
ktutil (and a number of other
sudo yum install krb5-workstation
sudo apt-get install krb5-user
Now you have the required programs installed, you can create your keytab file using
This will present you with a prompt for you to add the entries in the keytab file
add_entry -password -p user@DPE.INTERNAL -k 1 -e aes256-cts-hmac-sha1-96
Password for user@DPE.INTERNAL: <enter password here>
Breaking this down, we are saying that we want to add an entry to the keytab using a password for authentication.
-p is the principal that we will be logging in as using the end file.
-k refers to the Key Version Number which in some situations isn’t really needed and is ignored (in Windows environment for example). You can get the current Key version number (kvno) by using the
user@DPE.INTERNAL: kvno = 1
-e refers to the enctype mentioned earlier. This needs to be one of those that are permitted in your
krb5.conf file so you’re using an accepted and appropriate encryption.
Testing the Key
We can now test the keytab for successfully login
kinit -kt user.keytab user@DPE.INTERNAL
This should exit normally, then we can check we’ve got a ticket using
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: user@DPE.INTERNAL
Valid Starting Expires Service principal
01/23/2019 14:27:28 01/24/2019 00:27:28 user@DPE.INTERNAL
To clear out the ticket, you can use
kdestroy. This will remove all current authentications.