Terraform: Optional Nested Dynamic Blocks

January 19, 2024

Recently, I was creating a terraform module that creates an S3 bucket. An S3 bucket can only have one aws_s3_bucket_policy, and the module needed to include a default policy to force TLS v1.2. I also needed to be able to pass additional policy statements to the module which may or may not include a condition. Unfortunately, there is not an obvious way to include the condition only when it is part of the policy. This post shows how you can include a nested dynamic condition block when the block exists, and exclude it if it doesn't.

tags:

• terraform
• optional
• dynamic
• aws
• iam
• s3

---

Vault CLI Authentication using OIDC

November 27, 2023

In this post I explore how to login to Hashicorp Vault using OIDC. I wanted to be able to automate some interactions with Vault that the official vault cli does not easily support. To do so I needed to be able to run the equivalent of `vault login -method=oidc`. This post is the result of that.

tags:

• go
• golang
• hashicorp
• vault
• oidc
• login
• vault-client-go

---

Load Balancing Algorithms

August 24, 2023

Exploring the power of two random choices load balancing algorithm.

tags:

• go
• golang
• loadbalancing
• algorithm
• load
• balance
• poc
• random
• round-robin
• power of two choices

---

EKS Addon Configuration via Terraform

August 17, 2023

This is a quick overview of how to pass custom configuration values to EKS managed addons using Terraform.

tags:

• addon
• aws
• eks
• clusterip
• kubernetes
• coredns
• daily note
• terraform
• configuration
• jq

---

Decrypting Laravel Encrypted Data

July 24, 2023

Laravel has a built in encrypter that uses openssl. This post investigates how to work with data encrypted using Laravel using openssl directly.

tags:

• code
• laravel
• php
• openssl
• encryption
• bash

---

Rust Password Hashing with Argon2id and the Sodiumoxide Crate

May 20, 2020

This post aims to provide examples of secure password hashing and provide a simple overview of the process including what is and isn't required for security.

tags:

• rust
• sodiumoxide
• password
• hashing
• libsodium

---

Getting Started With The STM32 Nucleo-F302R8 and Rust

May 14, 2020

This blog post offers a beginner-friendly walkthrough for using Rust with the STM32 Nucleo-F302R8 development board. It covers setting up the development environment, including configuring Rust with the proper target and tools like OpenOCD and GDB, and provides practical steps for building, debugging, and flashing programs onto the board. With example projects and links to resources like the Embedded Rust Book, it serves as a helpful introduction to embedded programming in Rust for newcomers.

tags:

• rust
• embedded
• beginner
• stm32
• arm
• nucleo-64
• nucleo-f302r8

---

Dotnet core and data protection encryption

November 20, 2019

Explore using ASP.NET data protection encryption in a console application. These extensions also work cross platform, but not all options are available on Linux.

tags:

• dotnet
• dependency injection
• data protection
• encryption

---

List AD group members when the group contains foreign security principals

November 20, 2019

This post describes how to get an Active Directory group's members when some of those members are foreign security principals -- in a different domain. Unfortunately, the standard Get-ADGroupMember cmdlet will fail under these circumstances. Fortunately, we can work around that with a little PowerShell magic.

tags:

• Windows
• PowerShell

---

Powercli Script to Unmount and Detach Datastores

May 14, 2019

A PowerShell/PowerCLI script to unmount and detach groups of datastores in VMware vCenter.

tags:

• VMware
• PowerCLI
• PowerShell

---