I am going to come across as old in this post. And, this time, I am OK with that. We have entered a day and age where search engines have failed us. Instead of finding new and interesting results, search engines have been gamed to present the same top ten websites over and over again. Instead of showing interesting opinions or views, we are stuck with the same websites.
And, I blame this on the search engines. These sites are the reason that they are still in business. They advertise with them, and use understandings of the algorithms to show up at the top of searches. My question is, how do we get away from this? How do we get back to and internet of the people by the people. Not an internet solely made up of corporate interests. To be honest, I do not really have an answer to this question.
So, if we cannot trust search engines anymore to provide us with links to meaning, “real” content, who do we then turn to? Do we use search engines that skip the first 5000 results? Do we try to use more esoteric terms that mainstream companies have not thought to wrap with an enormous number of search results? I don’t know. That seems like a losing battle, as even those results can be gamed for someones bottom line.
Heck, at this point, we have come to a time when popular blogs are blatantly copied, and the redistributed by companies looking to make a quick buck. Companies that run search engines do not care. They just want to present the data and make their dime off of the user that enters an value into the search line. Think about it, if search is free, how do they pay for it. It is through gaining knowledge of what we search for, and how they can then convert it into cash.
To this extent, I am tired of the game. I will be upfront and say that my sight uses both Google Adsense and Google Analytics. Over the course of 20 years, I have not made $100 on this site. (Wow, that is kinda sad). But, I am going to move back to an old mechanism that was available on the web years ago. I am going to move back to a link page. And, I am going to link to blogs and sites that I, if not trust, at least respect. I am hoping that others will start to do the same. And, instead of searching the World Wide Web for new content, maybe you will look at the sites that I have linked to and see what they have to say.
I will not link to large corporations. That is not to say I will not create a link page for those purposes, but, I am going to make a page dedicated to people and creators that I find interesting.
Please help me in this. I want to find other people that are trying to have a voice.
Enabling SSO on your AWS Accounts is strongly encouraged, adds additional security, access to multiple accounts from a single entry point (with different permission sets), and above all, it is free.
The following is a walk-through of how to enable Single Sign On in the AWS console. These instructions are for people with individual accounts to a few accounts. Actually, these instructions are just a good general starting point for smaller size orgs.
Enable Organizations
Log into the AWS Console as the Root account
Note: This should be in the primary account that will hold the Organization if you have more than one account. These instructions only go through getting SSO enabled, not adding accounts to an Organization.
Go to Organizations (once again another service free of charge)
Click “Create organization” and then click “Create organization”
Note, this can only be done for one account in the org, and it would be best to do this in a new account if you are going to be adding a large number of other accounts or people.
If this is your only account it is not a big deal. Just add it to your base account.
Verify your email address to finish the setup process.
This is a default. I think it is for security reasons to ensure that not just anyone that has admin access to the account creates an Organization.
The email will be sent to the root account email address.
Enable Single Sign On
AWS SSO Landing Page
There are two options here. Click the link to “Enable AWS Single Sign On” or search for SSO in the top level search bar.
Click “Enable AWS SSO”.
Assumptions here:
You are going to use AWS as the Identity Source.
You have already created the Organization
You are happy to be getting this done, and looking forward to being able to access all your accounts from a single location. (Without being charged extra for it). (This sounded much funnier when I was writing it the first time)
Default Landing Page for SSO After Account Creation
Configure Single Sign On
Go to Settings.
Identity Source — Leave this set to AWS SSO.
For me this makes sense. I don’t have a third party solution for this, and I don’t want to have to manage it.
User Portal — you can create a custom url. This is nice so that you do not have to attempt to remember the default one that is provided.
Multi-factor Authentication — these are my preferred settings.
Prompt for MFA – Every time they sign in (always-on)
MFA types – for me, either works, but I like to use Authy, because then I can get into it from anywhere. And, if my device breaks, I still have access to my keys.
If a user does not yet have a registered MFA device
Require them to provide a one-time password sent by email to sign in
If you are going to protect your accounts, go all the way with it.
Who can manage MFA devices — Users can add their own.
Create Users and Groups
The Create Group Pop-up
Next step is to create Groups and Users
I like to add the Group first because then I can just add the Users to all the groups when I create them.
Users are the people that will have access to the accounts.
The groups are just groups of users. The permissions are not tied to there.
Configuring Account Access
Setting up and configuring AWS Single Sign On is almost complete. The last remaining steps are to create Permission Sets and then to assign them to users or groups that are bound to accounts. As a default, I like to create an Admin and ReadOnly permission set. You can attach the users/groups to the accounts first, but I prefer to create them the other way and to create the permission sets, and then attach users/groups to the accounts.
Create Permission Set
Standard that you can select from a list. These are limited to an hour.
Custom. Can still be almost the same, but, one nice thing is that you can change the timeout to up to 12 hours.
Dialog for adding permission set
Assign users and groups from the AWS Organization Tab.
I only have the 1 account. Click the check box and then click “Assign Users” (it should really read assign users and groups)
I like to assign groups and not users. So I have added both to my mix here.
Note, you can only add 1 group at a time or they get all the permission sets.
On the AWS accounts page. Click on the Name of the account to get an overview of it.
You can now login via SSO
All you have to do now is go to the link that is provided in the configuration. Once you log in, you will get a list of the accounts that you have available to you and the roles that you can assume in each one.
That is really all there is too it. It is quick and easy to setup, and after you start using it, you will wonder why you did not do it sooner. This is a great solution for solo developers, small companies, and even larger companies if you want to get into integration with your own federation servers.
I have been using MX_linux, and while I think the premise behind it is good, the implementation falls a bit flat. As someone that has used Linux for years, I was avoiding using my small and light laptop because I did not want to deal with the system that was running it. That is not a good sign.
So, I decided that I was going to install a new Linux distro on my system and get back to writing and doing things. Out of curiosity I dropped in to distrowatch to see what the flavor of the month was currently. To my surprise I saw MX_Linux on the top. After the issues I have had with it, that was interesting to see. But, sitting at spot number 5 was Pop!_OS. Huh? I had heard of it, but thought that is was some simplified version for kids. I was wrong.
What is Pop!_OS?
It turns out that Pop!_OS is an operating system based on Ubuntu by the folks over at system76 . System76 make Linux computers, laptops, and servers, and at one point used Ubuntu. But, do to some sort of falling out, they made their own distro based on Ubuntu. And, that is how we got Pop!_OS.
Enough of the history lesson.
How do I think it stacks up? So far, I am liking it. The desktop is running Gnome3. It has been a year or 4 since I used Gnome as my main desktop windowing system. For a while, I have been using XFCE, Mate, or Cinnamon. And, while all of those are perfectly good GUIs, I like the way that Pop!_OS has set it up. Either that, or I just like Gnome 3. It is a completely different experience than you get with other systems.
Initial Thoughts on Pop!_OS
How does the system work on my laptop? There was 1 issue that I had to fix right away. On my laptop, the screen brightness was cycling through the various brightness settings. This is due to battery life help and auto brightness control. That can be changed in the settings panel, and after I did that, life got immensely better. (Having your screen change brightness constantly will make you go insane. Trust me on this one.) The next thing that I did was change the touchpad to not click on tap. While it was not overly sensitive, I have heavy hands, and always turn this off.
The next part comes down to typing. I like to write this blog and to do some coding on the side. With MX_linux I had to disable the touchpad for 1 sec after typing so that the location of the mouse would not cause my jumping to go to where the pointer is. This is a serious distraction when attempting to write code or to write just about anything. My experience on Pop!_OS has been great. I have been typing my thoughts about Pop!_OS for that last little bit, and have not had any issues. That is a huge plus.
But, what about when you close the lid on your laptop, and power settings? All of that worked out of the box. with MX_linux, I fought with it continually. With Pop!_OS I did not have to make a single change. By default I believe it suspends when you close the lid. It has not frozen at all on wake up, and the experience has been great.
Installing New Software
Pop_OS! comes with the Pop!_Shop. This “shop” has a very large set of applications that are available for installation. Below is an image of what it looks like when you launch it.
From the Pop!_Shop it was easy to get other applications installed. I was quickly able to install Spotify, and it has links for Chromium (open source version of Chrome), Atom, Steam, and a slew of others. Also, it automatically checks for updates, and prompts you to install them.
It was a nice change of pace not having to add additional repositories in order to install some common applications. I use Visual Studio Code for dev work on Linux, and even it was there and easy to install, just make sure to use the .deb version.
If you do not want to use the Pop!_Shop, you can always fall back to the command line. That is my default for much of way that I run my system, and since Pop! is based on Ubuntu, which is based on Debian, apt and aptitude still work. Note, you will need to install aptitude if you want to be able to use it.
In case you are interested, below is a short list of preinstalled software:
Python3
Firefox
Git
LibreOffice
Configuring Gnome 3 Keyboard Shortcuts
For me the biggest switch was moving back to gnome and enabling keyboard shortcuts, or finding out what the keyboard shortcuts are. This has more to do with me wanting as many shortcuts as possible. Others don’t mind clicking the mouse to switch screens, but that is not the way that I like to work. So, I will share the settings that I use.
In Gnome 3 there are virtual workspaces that are located up and down from the main display. You can hit the Windows/Special/Power key and it will display on the right I prefer to quickly jump between workspaces by using the keyboard. So in order to do that you need to do the following.
Super + / –> enter “Settings” (this will open the settings menu)
Find “Keyboard” in the left hand menu
Click customize shortcuts
Choose navigation
From there I add shortcuts for moving windows between workspaces and being able to jump between workspaces.
Doing this gets the system to the point that I can use it without worry. Well, without wanting to throw it out the window. By default alt+tab will switch between windows on all workspaces. This is a benefit as, I have had to fight with other systems to get that functionality to work. Don’t get me started about windows.
Overall Opinion on Pop!_OS
After using Pop!_OS for just a short period of time, I think I am going to stick with it. The system has been easy to use and configure. It just gets out of the way so that I can get my work done. To be honest, I wish that I would have found it sooner. For me, it just works. Yes, I am a power user, but that is all good.
Even running Gnome3 on a 3 year old machine with 8 gigs of ram is fine. I will admit that I would be hard pressed to run any virtual machines on this, but for being able to build and run apps it is fine.
Another item that I like is that I did not have to fiddle with different system settings and repos to get base functionality. I have spent hours trying to get Fedora configured properly, and that is just a waste of time for me at this point.
If you are interested, I think you should give it a try.
Having worked in the industry for a very long time, sometimes I forget how much I have learned (and forgotten) over the years. What seems trivial now, was once a complex idea that I had to wrap my head around, and after learning the fundamentals, there always seemed to be more to learn. This was at, in my mind, a golden age for learning computer systems and how to code. Installing Linux was not what it is today with flashing installers and disk configurators. Heck, X-windows did not start by default and you had to fiddle with configuration setting for ages to get a gui environment up to work in.
Now, I am not saying that we should return to the days of old, but it brings to mind that learning some of the core fundamentals is not something you get just by trying to get a system up. You have to go through different programs, and make the decision to move forward with learning the command line, and system fundamentals. And, with all the coding boot camps and quick starts, on occasion I am amazed anyone can find a good point to start.
That being said, I have been asked by some people that I know to help the gain a better understanding of the fundamentals of programming. There was the direct request to learn using python.
Python is a flexible language that you can do most anything in. And by anything, I mean almost anything. I started using it because it was a language that was available on Solaris that a co-worker did not want to use, and we at first did not want him on the project. My understanding, and knowledge of Python has changed a lot in the 8+ years since we decided to use Python for an internal company project.
That being said, it is a multi-disciplinary language. It is used for web development, system administration, machine learning, scientific studies…. In addition to this, other than the strange white spacing it uses to know what is going on, it provides a decent starting point to begin working with other languages. I have to admit, if you want to learn the true ins and outs of programming at a system level, Python will not get you there. For that you will need to dust off some books on C/C++. Although, I have heard that Rust is starting to replace some of that. Out of scope.
Back to Python and getting started.
I wanted to find a resource that would cover a broad range of topics when it came to Python, and also provided real world examples. When I was in college we spent a year going through a book on C++. That was difficult for the students, and many of them we lost along the way. And, after that year, I could not really write anything that would produce something that I could show to anybody. If it were not for the money I was forking out for college, I might have said what is the point.
Over the course of the book, you will work on 3 projects. I am sure they are not the most advanced projects, but they provide a foundation from which you can then launch your own projects from.
A video game utilizing Pygame
A Data analysis program with Visualization
A Web Application based off of Django
For a lot of developers, that is some great basics to cover. True, it does not cover writing a serverless application on AWS with Lambda and API Gateway, but, it goes about teaching a person how to think about an idea and implement it.
Note: This is all speculation. I am working through the book now with 2 people, but wanted to track my experience with it as I went through. But, I think one of the key factors is working through the entire book, and not skipping. The reason I say this is because I know a number of self taught developers that while excellent at writing code, do not know how to communicate their ideas with others.
Hopefully, by working through a book like this, it will teach enough of the fundamentals and language so that both of the people I am working with will be able to advance their careers.
Off and on for years, and at various companies, I have developed various tools to manage complex AWS CloudFormation templates and stacks. This came out of the lack of tooling that was associated with CloudFormation itself. It was not that CFN was bad, (it is notoriously picky) it is just that it was designed with the intention of being a way to treat your infrastructure in code based manner. That is really not true. CFN was created as a templating language with defined spec.
Because of these limitations, I have built closed and open source solutions to manage the complexities that involve working with CloudFormation. Recently I even started revamping a tool that I wrote years ago to manage complex CloudFormation Stacks. This update was done on the behest of a few people that actually utilize the tool and wanted to be taken from the messy state it is currently in, into something that could be tied into their current applications. It was from this that I began working on CfnMason as a python module.
However, recently I started working with CDK. CDK is Am,azon’s CloudFormation Development Kit. My first thought was that it was going to be horrible, and why would anyone ever use it. Now, this was before it was a fully supported implementation and was only really viable when used with JavaScript. And, don’t get me wrong, I don’t hate JS, but I do most of my coding in Python these days. So, when I finally had a chance to use it for work, I found that I really like it, and that it was actually an excellent tool.
So, that brings me back to the original question. How do I know when it is time to stop working on a project? The main answer in my mind is you have to figure out that for yourself. When I started writing this, I was pretty sure that I was going to say that I am no longer going to be working on updating CfnMason. But, as I wrote this, I realized that not everyone is going to be able to move over to CDK. There are probably thousands of CFN stacks that have been created over the years, that require updates and tweaks, that are not a good fit to move over to CDK. As of yet, I don’t know of a way to take a template that is in AWS and convert it into a working CDK script so that you can develop on it from there.
This is why writing is sometimes the best way to find an answer to a problem, even technical ones. At face value, there are a number of projects that seem like they should just be discarded and never used again. But, once you analyze the situation properly, you might realize that there is a reason to move forward with development of a seemingly dead solution. It might even be to use it as a growth platform. Or, it could be that while there are new tools available, that for some, older and simpler tools are also still needed.
So, at the end of the day, what started as a note to say that I am no longer going to be working on CfnMason, has been turned around to me stating that I am going to try and get it done. Ha, yeah, even I laughed at that. Although now that the nation is in lock down, there is more of a chance that I might get it finished.
