Package and deploy a PowerShell Lambda function with custom modules
Recently I had the need to create a Lambda function with PowerShell 7. The function is to synchronize data between two REST APIs. It’s fairly simple, but does need to use a custom-made module. I spent quite a bit of time finding out how to deploy PowerShell Lambdas with custom modules, so I thought I might write a guide to help people who want to do the same. My script is fairly simple: it gets a list of users from one API, then converts it to an XML-format object and exports it into the target API.
2020-06-06    
Test out PowerShell 7 new features in WSL1
Finally, PowerShell 7 is now GA! As a heavy WSL user, I was keen to see how some of its new features would work in WSL1 (Ubuntu 4.4.0-18362-Microsoft). Below are the tests I have done.
Installation in WSL
Download the binary from the GitHub repo to a local folder /usr/share/powershell:
    sudo wget https://github.com/PowerShell/PowerShell/releases/download/v7.0.0/powershell-7.0.0-linux-x64.tar.gz
Untar the file:
    sudo tar xzvf powershell-7.0.0-linux-x64.tar.gz
Add the path for your shell:
    export PATH=/usr/share/PowerShell:$PATH
Reload .bashrc:
    source .bashrc
2020-03-21    
Monitor AWS VPC Connectivity with Python
We recently had the need to cut over our AWS Direct Connects to a different vendor. In order to carry out the change, I was tasked with finding a way to monitor Direct Connect connectivity to our on-premises network from our hundreds of VPCs in AWS. After some discussion with our network engineers and security team, the solution I ended up using was to deploy a single EC2 instance into each of those VPCs that has a connection to a VGW.
2019-12-12    
RDP to EC2 with SSM Port Forwarding
Say you have a bunch of Windows servers hosted in AWS. The VPC they are in does not have a VPN or Direct Connect connection back to your on-premises network. Exposing the RDP port through a public IP for these Windows servers is a very good way to get hacked. So how can we securely connect to the servers in this kind of setup? Fortunately, we have SSM to the rescue. In August, AWS announced a new feature for SSM Session Manager, which allows us to securely create tunnels between EC2 instances deployed in private subnets and our local machine.
2019-10-19    
VMware Site Recovery Manager Multi-Site Pair Deployment
I was recently involved in a data center migration project, which used VMware SRM (Site Recovery Manager) as the migration tool to move virtual machines between 3 DCs. The diagram below shows what the setup looks like. The version of SRM is 8.1.
[SiteA] <---> [SiteB] <---> [SiteC]
VMware documentation refers to the above scenario as a Shared Recovery Site. For each site pair, you will need to deploy an individual SRM server to ensure the SRM Plug-in ID is unique to that pair.
2019-09-06    
How Secure is RDP?
Hands up if you have the following setup/practices in your organization: An RDP server (Terminal server) that everyone can jump onto. Apart from the IT admins, some users have local admin rights on the box, just so they can run or configure a particular application. To help troubleshoot an issue, your IT admins often RDP to servers directly from a user’s laptop, on which the user is a local admin.
2019-06-23    
Use Terraform to build server in VMware
Like CloudFormation and ARM Templates, Terraform enables Infrastructure as Code for provisioning resources in clouds, but it also works with on-premises infrastructure like VMware vSphere and NSX. I have recently been working on automating our on-premises server provisioning process. The goal is to provision an Ubuntu server in our vSphere 6.5 environment with iPerf3 installed and configured. It surprises me that there aren’t many useful resources/examples out there when it comes to using Terraform with VMware.
2019-05-18    
Sydney AWS Summit 2019 - My Experience
This past week I attended AWS Summit Sydney for three days. It was such an action-packed show, full of brilliant speakers and tons of interesting workshops. I found it hard to decide on my agenda. In the end, based on the technologies I am interested in and the relevance to my job, these are the sessions I went for. AWS Innovation Day Keynote - I was late for it, but it was still good to hear the story of Qantas and learn about how they improve performance and efficiency with AWS.
2019-05-03    
Setup Cross Account S3 Access for Cloudberry Drive
I recently ran into a scenario in which one of the EC2 instances in our production AWS account (IT) needed to access an S3 bucket hosted in a separate account (Marketing). The EC2 instance is a Windows 2008 R2 server. It runs Cloudberry Drive to map the S3 bucket as a local volume so that a local application can retrieve the data from it. The easiest way to make this work is to create an IAM user in the and assign it with Access keys.
2019-04-13    
The Un-documented Way to Setup AWS SSO with Okta
In this article I would like to share an undocumented way of setting up AWS SSO by using Okta. In case you don’t know what Okta is, it is one of the popular identity management solutions on the market. It provides Identity as a Service through its web portal and APIs. Okta provides a detailed document that walks through the steps of setting up SAML SSO between your AWS accounts and Okta.
2019-02-22