Archive of posts from 2024

• Unveiling the Risks of sts:GetFederationToken, You Probably Don't Need It 2024 May 02
  • amazon-web-services
  • cybersecurity
  • python
  • tutorial
  

  Let’s talk about sts:GetFederationToken and why we should disable it within our AWS Accounts. This call allows the creation of temporary access credentials that can be associated to any user identity. These credentials are difficult to revoke from the console, and cannot be revoked using the standard deny all credentials created before X time policy. It is much better to use standard built in identity providers like the OpenID Connect for CICD Operations or IAM Identity Center for federated user access. We’ll walk through how this call works, what it was originally intended for, and some threat detection.

• How I Updated Ruby on My Arch Box Cause the System One Was Out of Date 2024 April 15
  • jekyll
  • linux
  • notes
  • programming
  • ruby

  I just moved my laptop to run an arch derivative because I got a new SSD installed for more exiciting projects. To my surprise the current version of ruby in the repos was out of date by 9 months. So I had to learn how to use rbenv in order to build my blog and deploy new posts. It’s just like virtual environments with python, but unfamiliar because I only use ruby because I did this site in Jekyll, and to migrate would defeat the purpose of this site which is to share my writing and show off the cool things I built.

• A Diagram to Explain the Various Magic the Gathering Formats 2024 March 26
  • data-visualization
  • games
  • magic-the-gathering
  

  I was struggling to explain the various formats of magic the gathering to my friend, so I made this diagram using d2lang, a nifty diagram creation language. There’s about 5 commonly played formats on paper and then there’s the digital formats. Each format has different card pools and its own banlist to enhance the health of the meta. Each format may also have different set construction rules, but the only special one is commander.

• The Magic of Beer Can Chicken 2024 March 19
  • cooking
  • meat
  • notes

  Beer can chicken and it’s derivatives are my favorite thing to cook. I have laid out in this post some notes on cooking it well, and how to do it right. It’s not something that is explained easily or obviously. These are my personal notes on how I do it, and will be updated as I learn new things about it.

• Linting IAM Policies Automatically in Your Pipeline 2024 February 16
  • amazon-web-services
  • continuous-integration
  • tutorial

  When writing IAM policies there are a lot of concerns that must be taken into account. These JSON documents can be the cause of a lot of hurt when deploying them. People often mess up formating, write overly broad permissions, and just don’t get them perfect the first time. Sure you could use a dumb linter just for JSON, but that doesn’t cover all the potential screw ups. So I want to share a smarter linter I found and how we integrated into our deployment pipeline.