wolfeidau

Background

I have been working on https://github.com/versent/saml2aws for a couple of years, this tool enables developers to use SSO from the command line to get short lived credentials from AWS. As most SSO services don't have an API for authentication, this is done using screen scraping. This has resulted in:

1. A brittle solution which requires reverse engineering and lots of patience seeing what you can get away with.
2. This is now how SSO is suppose to work, it is designed for browsers only.
3. Runs into tons of problems if you have multiple layers of SSO, as services send users off to social or third party authentication of users.

So we need a better way to integrate CLI tools with SSO to enable these tools to acquire and use short term credentials.

wolfeidau

package lambda

import (
	"context"
	"encoding/json"
)

// JSONHandler processes events in and out using Raw JSON
type JSONHandler func(ctx context.Context, evt json.RawMessage) (json.RawMessage, error)

wolfeidau

{
    "metrics": [
        [ { "expression": "(m2/m1)*100", "label": "percentage", "id": "e1", "yAxis": "right" } ],
        [ "AWS/ApiGateway", "5XXError", "ApiName", "xxx-xxx-xx-xx", { "label": "5xx errors", "id": "m2" } ],
        [ "...", { "stat": "SampleCount", "label": "total requests", "id": "m1" } ]
    ],
    "region": "ap-southeast-2",
    "title": "APIGW - 500 Errors as Percentage of Total Requests",
    "stat": "Sum",
    "yAxis": {

wolfeidau

{
    "metrics": [
        [ { "expression": "(m2/m1)*100", "label": "percentage", "id": "e1", "yAxis": "right" } ],
        [ "AWS/AppSync", "5XXError", "GraphQLAPIId", "XXXXX", { "label": "5xx errors", "id": "m2" } ],
        [ "...", { "stat": "SampleCount", "label": "total requests", "id": "m1" } ]
    ],
    "region": "ap-southeast-2",
    "title": "500 Errors as Percentage of Total Requests",
    "stat": "Sum",
    "yAxis": {

wolfeidau

{
    "metrics": [
        [ { "expression": "(m2/m1)*100", "label": "percentage", "id": "e1", "yAxis": "right" } ],
        [ "AWS/AppSync", "4XXError", "GraphQLAPIId", "XXXXXXXX", { "label": "4xx errors", "id": "m2" } ],
        [ "...", { "stat": "SampleCount", "label": "total requests", "id": "m1" } ],
        [ ".", "5XXError", ".", ".", { "label": "5xx errors", "id": "m3", "visible": false } ]
    ],
    "region": "ap-southeast-2",
    "title": "Errors",
    "stat": "Sum",

wolfeidau

import { Construct, StackProps, Stack } from '@aws-cdk/core';
import { Function, Runtime, Code } from '@aws-cdk/aws-lambda';
import { Table, AttributeType, BillingMode } from '@aws-cdk/aws-dynamodb';
import { Bucket, BucketEncryption, EventType } from '@aws-cdk/aws-s3';
import { LambdaRestApi } from '@aws-cdk/aws-apigateway';
import { S3EventSource } from '@aws-cdk/aws-lambda-event-sources';

export class InfraStack extends Stack {
  constructor(scope: Construct, id: string, props?: StackProps) {
    super(scope, id, props);

wolfeidau

package coverage

type Coverage struct {
	XMLName         xml.Name `xml:"coverage"`
	Text            string   `xml:",chardata"`
	LinesValid      string   `xml:"lines-valid,attr"`
	LinesCovered    string   `xml:"lines-covered,attr"`
	LineRate        string   `xml:"line-rate,attr"`
	BranchesValid   string   `xml:"branches-valid,attr"`
	BranchesCovered string   `xml:"branches-covered,attr"`

wolfeidau

{
  "Resources": {
    "MyVpcF9F0CA6F": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": "10.0.0.0/16",
        "EnableDnsHostnames": true,
        "EnableDnsSupport": true,
        "InstanceTenancy": "default",
        "Tags": [

wolfeidau

#!/bin/bash

set -e

# provide a folder like ~/temp to build the opencv sources
if [ "$#" -ne 1 ]; then
    echo "Usage: $0 <Build Folder>"
    exit
fi
folder="$1"

wolfeidau

Install i2c tools to check for PCA9685 board.

sudo apt-get install i2c-tools
sudo i2cdetect -y 1

Install vim and git.