Skip to content

Instantly share code, notes, and snippets.

View jesperfj's full-sized avatar

Jesper Joergensen jesperfj

83 followers · 30 following
View GitHub Profile
@jesperfj
jesperfj / eks_iam_user_access.md
Created October 12, 2024 22:05

When you create an EKS cluster, only the IAM user who created the EKS cluster can access it. Another IAM user with AdministratorAccess on the same AWS Account cannot access it.

This gets tricky if the cluster was created by a completely different user who assumed a role in an AWS account and created the cluster.

There are two ways (that I know of) to provide additional access. One is by updating the aws-auth ConfigMap in the cluster. This has to be done by the user who originally created the cluster because no other user has access.

Another option is to use the AWS::IAM::AccessEntry resource which is available both via CloudFormation and Terraform. It can be confusing to use this resource because it has things like a PolicyArn but it's not AWS IAM. So it is hard to find good documentation. Here's what worked for me:

    "MyAccessEntry": {
@jesperfj
jesperfj / gist:a4c1e4f94a6b91e3a6e2daf530a44ce4
Last active July 26, 2024 00:57

Me: I am an 8th grader and I want you to act as my math teacher. I am studying algebra and I don't understand why I have to learn both the substitution and the elimination rule. One of them should be enough to solve any system of equations. Can you explain to me why I should learn both?

Claude:

I understand your frustration with learning two methods for solving systems of equations. Both the substitution and elimination methods are important tools in algebra. Here are a few reasons why it's valuable to understand both:

The methods can be used in different situations. Substitution is great when one equation is already solved for a variable. Elimination is useful when the equations are not already set up for substitution. Knowing both gives you flexibility in approaching different types of systems. One method might be easier or faster for a particular system. For example, a system with many variable terms might be faster to eliminate than substitute. But a simple system might be quicker to substitute. Ha

@jesperfj
jesperfj / sloughing-off.md
Created April 16, 2021 22:10

Planning starts with the objectives of the business. In each area of objectives, the question needs to be asked, “What do we have to do now to attain our objectives tomorrow?” The first thing to do to attain tomorrow is to slough off yesterday. Most plans concern themselves only with the new and additional things that have to be done—new products, new processes, new markets, and so on. But the key to doing something different tomorrow is getting rid of the no-longer-productive, the obsolescent, and the obsolete. The first step in planning is to ask of any activity, any product, any process or market, “If we were not committed to this today, would we go into it?” If the answer is no, one says, “How can we get out—fast?”

Systematic sloughing off of yesterday is a plan by itself—and adequate in many businesses. It will force thinking and action. It will make available people and money for new things. It will create the willingness to act. The plan that provides only for doing additional and new things with

@jesperfj
jesperfj / adams-heroku-values-subset.md
Last active June 1, 2018 17:11 — forked from adamwiggins/adams-heroku-values.md
My Heroku values

Do it with style

Just because we're building bad-ass infrastructure and tools doesn't mean it can't be cool, stylish, and fun. Aesthetic matters. See The Substance of Style

Slick and fun meets powerful and serious.

Before Heroku (and a few others, like Github and Atlassian), developer-facing products were almost always stodgy, ugly, and completely lacking in style or fun.

We're part of the consumerization of IT.

@jesperfj
jesperfj / facebook_use.md
Last active March 22, 2018 17:18

Goal

  • Keep a Facebook account for those who occasionally contact me or share content with me via Facebook.
  • Minimize behavioral information about myself shared with Facebook, assuming it will be shared beyond my control

Steps

  • Never use Facebook proactively. It's just for people who wants to contact me and share with me.
  • Keep personal profile on Facebook similar to LinkedIn and make it public.
  • Delete Facebook mobile apps unless needed to view shared content. Delete main app, probably Messenger, maybe Instagram. Make sure these apps don't run in background after use.
@jesperfj
jesperfj / k8s.go
Last active October 24, 2016 19:49
import (
"k8s.io/client-go/1.4/kubernetes"
"k8s.io/client-go/1.4/pkg/api"
"k8s.io/client-go/1.4/pkg/labels"
"k8s.io/client-go/1.4/pkg/apis/extensions/v1beta1"
"k8s.io/client-go/1.4/tools/clientcmd"
)
var (
kubeconfig = flag.String("kubeconfig", os.Getenv("HOME")+"/.kube/config", "absolute path to the kubeconfig file")
@jesperfj
jesperfj / designer.html
Created July 16, 2014 18:07
designer
<link rel="import" href="../../salesforce/s1-elements/scaffold/s1AppScaffold.html">
<link rel="import" href="../../salesforce/s1-elements/scaffold/s1PageContainer.html">
<link rel="import" href="../../salesforce/s1-elements/s1StagedNavigationStageLeft.html">
<link rel="import" href="../../salesforce/s1-elements/s1StagedNavigationNotifications.html">
<link rel="import" href="../../salesforce/s1-elements/s1AnchorLightDefault.html">
<link rel="import" href="../../salesforce/s1-elements/s1ListWithLabels.html">
<link rel="import" href="../../salesforce/s1-elements/s1AnchorDark.html">
<link rel="import" href="../../salesforce/s1-elements/s1IndicatorDotsLightBackground.html">
<link rel="import" href="../../salesforce/s1-elements/s1ButtonGroups.html">
<link rel="import" href="../../salesforce/s1-elements/scaffold/s1DetailView.html">
@jesperfj
jesperfj / safe_storage_of_passwords.md
Last active August 29, 2015 13:59

Safe-keeping passwords used in ad-hoc scripts

When I need to send small batches of customized emails, I use Craig Kerstiens' and Will Leinweber's Ruby trick.

I've added an additional small hack to this trick that I've used several times: Storing and retrieving passwords in the Mac OSX keychain with minimal pain.

If you read through Craig's post and the code, you'll see that you need to pass in your GMail password. I care deeply about protecting access to my GMail account, so I don't just paste passwords into code or other random files stored on my hard drive. To keep things as secure as possible, I do the following:

  • Turn on two-factor for GMail
  • Now you cannot use your primary password for scripts like this. Instead I generate a per-application password. (click on "App passwords" on Security settings).
@jesperfj
jesperfj / keybase.md
Created March 27, 2014 07:35

Keybase proof

I hereby claim:

  • I am jesperfj on github.
  • I am jesperfj (https://keybase.io/jesperfj) on keybase.
  • I have a public key whose fingerprint is 85E8 AED2 A3FC 16C1 4D6D 3C1A 14D9 03AB F0AF 4D33

To claim this, I am signing this object:

@jesperfj
jesperfj / thoughtworks_technology_radar.md
Last active August 29, 2015 13:55

The ThoughtWorks Technology Radar is full of good stuff. Here are my personal favorites:

Micro Services

There's an upfront cost in building more distributed systems with independently operated micro services but it brings so much clarity to your world. You can align small agile teams with each service, you have much more explicit conctracts, leaky interfaces becomes more rare.

The key trend here is that platform services and frameworks have come a long way to make it easier to build micro services. So you should absolutely trial it out and understand just how the cost compares to your current approach.

Perimeterless Enterprise