Open the Cloud9
Services -> Cloud9 -> Open IDE
Get the project
Hello, | |
We have a recent update on a workaround to achieve the PCA cross account setup. | |
As of now AWS Private CA does not offer a resource-based policy to provide access to Private CAs across accounts, however you may create a role with (with issue-certificates and get-certificates permissions) in the Account hosting the CA trusting cross-accounts where users would issue certificates using the private CA using CLI by creating a private key and CSR without using the Certificate Manager. Please find the below steps that explains this process, | |
Setup: | |
Account A - Hosting Private CA, Example ARN: arn:aws:acm-pca:us-east-2:12345678901:certificate-authority/d85a56xx-6591-4ca4-bf0c-97badb11c87c | |
Account A - Role: "CrossAccountPCA" - ARN: arn:aws:iam::12345678901:role/CrossAccountPCA | |
The below IAM policy would give permissions to issue private certificates using a specific private Certificate Authority only. If you wish to allow permissions across all CAs, you may replace the resource section with a wild-card (*) inste |
# using curl | |
curl https://keybase.io/kenichishibata/key.asc | gpg --import | |
# using `keybase pgp pull` which | |
# imports to GPG key chain for you | |
keybase follow kenichishibata | |
keybase pgp pull kenichishibata |
plugins=( | |
git | |
bundler | |
dotenv | |
osx | |
rake | |
rbenv | |
ruby | |
kubectl | |
pipenv |
We need to run multiple versions of kubectl for compatibility with various kubernetes clusters.
It's a bit easier to get and use multiple versions of kubectl using Homebrew than it is using Macports.
With brew, it's simple to:
Scenario: Smart meters are now being distributed across all households in the UK however currently we are having problems with the data coming in. Some of the data coming in all at once and we have to scale our infrastructure a lot more because the smart meters collect all the data at 6pm at night,
We would like to rearchitect the smart meter delivery system to an hourly system and enable eventual consistency in the way we handle these data in order to decouple our microservices.
Another thing we have to keep in mind is we need to be able to replay data which are not successfulyy processed by our smart meter platform
Finally we would like to get all of the processed events into the data swamp to be processed by our data engineering team
//打印文件内容 | |
package main | |
import ( | |
"bufio" | |
"bytes" | |
"fmt" | |
"os" | |
"io" | |
"path/filepath" |