The idea came up a while back: is there a way to limit AWS Security Group changes to ONLY Terraform? This is one way I figured out how to do it. Another way might be to create a dedicated Terraform IAM user and put the restriction in that user's policy, or to add a username Condition to the policy below.
None of these methods are foolproof. Usernames, User-Agent strings, etc. can be spoofed, since the User-Agent is whatever the calling client chooses to send. But it's better than nothing for preventing people from making changes in the AWS Console and drifting out of sync with whatever IaC solution you're using.
While this is specific to security groups, it should be simple to modify it to prevent modification of other resources as well. Also, the User-Agent match is incredibly strict; you should change it to a wildcard match so it doesn't break when you upgrade to a new Terraform version. Or, if you're wacky, you could use the strict match to pin which version(s) of Terraform are allowed, but that would be nuts. Also, the policy is probably not perfect; this is just an example, yo!
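As an added illustration of the wildcard approach (this is not the policy from the post, and it is not anything HashiCorp or AWS ships), here is a policy with two explicit Deny statements on the security-group mutating EC2 actions. The first denies any call whose `aws:UserAgent` does not contain `Terraform/`; the assumption is that the Terraform AWS provider's User-Agent string contains that substring, so adjust the pattern if yours differs. The second denies any caller that is not a specific role; the role ARN `arn:aws:iam::123456789012:role/terraform-apply` is a made-up placeholder. JSON has no comments, so the `Sid` values carry the labels. Attach this to the groups or roles your humans use; an explicit Deny wins over any Allow, so a Console user is blocked no matter what else they are allowed to do.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ExampleDenySGChangesUnlessTerraformUserAgent",
      "Effect": "Deny",
      "Action": [
        "ec2:CreateSecurityGroup",
        "ec2:DeleteSecurityGroup",
        "ec2:AuthorizeSecurityGroupIngress",
        "ec2:AuthorizeSecurityGroupEgress",
        "ec2:RevokeSecurityGroupIngress",
        "ec2:RevokeSecurityGroupEgress",
        "ec2:ModifySecurityGroupRules",
        "ec2:UpdateSecurityGroupRuleDescriptionsIngress",
        "ec2:UpdateSecurityGroupRuleDescriptionsEgress"
      ],
      "Resource": "*",
      "Condition": {
        "StringNotLike": {
          "aws:UserAgent": "*Terraform/*"
        }
      }
    },
    {
      "Sid": "ExampleDenySGChangesUnlessTerraformRole",
      "Effect": "Deny",
      "Action": [
        "ec2:CreateSecurityGroup",
        "ec2:DeleteSecurityGroup",
        "ec2:AuthorizeSecurityGroupIngress",
        "ec2:AuthorizeSecurityGroupEgress",
        "ec2:RevokeSecurityGroupIngress",
        "ec2:RevokeSecurityGroupEgress",
        "ec2:ModifySecurityGroupRules",
        "ec2:UpdateSecurityGroupRuleDescriptionsIngress",
        "ec2:UpdateSecurityGroupRuleDescriptionsEgress"
      ],
      "Resource": "*",
      "Condition": {
        "ArnNotLike": {
          "aws:PrincipalArn": "arn:aws:iam::123456789012:role/terraform-apply"
        }
      }
    }
  ]
}
```

The two checks are in separate statements on purpose: conditions inside one statement are ANDed, so putting both keys in a single Deny would only fire when both the User-Agent and the principal were wrong. Split like this, a legitimate apply has to come from the named role and carry a Terraform User-Agent, while a Console click or an ad-hoc CLI call fails at least one of them. The User-Agent statement is still spoofable, as noted above; the principal statement is the one with teeth, because a caller cannot fake `aws:PrincipalArn`.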
Here's the policy I tested: