>whats stopping someone from sticking up a couple of QR codes that link to a fraudulent payment page or some other malware?
This will become a huge problem / is already a problem. Whats the right way to solve this? some sort of https like trust relationship for the whole QR code interation?
I have trouble getting consistency. I tried several methods, like you mentioned starting small, completibg small actions etc.. But I'm not able to consistently do it. It breaks when you are stuck at some problem. And in my job(legacy code base (~13yearrs), me with < 2 years experience, i find it harder to get that momentum.
jacquard has been discontinued. We want to thank all our loyal fans. We understand you may not agree with this decision, but we hope you'll come to love these alternatives as much as you loved jacquard.
Not a joke, my friend got a knocked out point blank by a car on a road that supposes to be one way street in front of his university. Apparently during the time of the accident the one way road became two way road due to the constructions work. He survived the gruesome accident but still living in pain intermittently for example if sitting too long due to his permanent spine injury.
True in NYC too. I almost gotten taken out by a cop car driving the wrong way down a narrow one-way street, of all things. It wasn't even running its siren!
We tried a similar chaos tool in our company built in-house. Simulated most of the scenarios mentioned here using SSM/other scripts. At first everyone was interested and after some time the interest faded. Our problem was lack of visualization across the app ecosystem i.e how will it impact the app ecosystem when a batch of ec2 instances are suddenly spiking on CPU and what will be the impact to end user.
Turns out people care only if there is an end user impact and doesn't really care about random anomalies.
And to build the capabilities required for measuring the impact + automating the workflow of the actual chaos tests is a lot of work
A library like AWSSSMChaosRunner would be a core component of building gameday like capability. But building a full gameday framework is out of the scope of this discussion.
Can't this be solved by using IP addresses for hostnames? This can be a part of bootstrap script(which ASG/Launch Configuration already supports via UserData[1])
What I can't understand is -
If your logs are in ELK and metrics in prometheus/grafana - why do you need SSH access? Sounds like thats a good problem to solve
SSH access is a last resort, but it can be necessary in certain cases. For example, if our log forwarding breaks. SSH is also just one example, it can also be helpful to curl endpoints on the host directly without hitting the ELB/ALB.
The post actually provides the user_data script we use.
