Managing AWS Route 53 Hosted Zones with AWS Lambda

On AWS, I use a Route 53 private hosted zone for Amazon VPC to allow me to conveniently address EC2 instances and other resources. While all EC2 instances are automatically assigned a private DNS entry, it is usually something fairly unintelligable such as “ip-172-31-51-229.us-west-2.compute.internal.” An entry like “website-production.atomic.aws” is much more helpful, especially when trying to configure communication between various EC2 instances that comprise a larger system.

I constructed an AWS Lambda function to automatically update the DNS records in my Route 53 private hosted zone whenever new instances are created. This ensures that the private hosted zone is up-to-date and can be relied upon for communication between EC2 instances.
Read more on Managing AWS Route 53 Hosted Zones with AWS Lambda…

Managing AWS CloudFront Security Group with AWS Lambda

One of our security groups on Amazon Web Services (AWS) allows access to an Elastic Load Balancer (ELB) from one of our Amazon CloudFront distributions. Traffic from CloudFront can originate from a number of a different source IP addresess that Amazon publishes. However, there is no pre-built security group to allow inbound traffic from CloudFront.

Read more on Managing AWS CloudFront Security Group with AWS Lambda…

Bash Completion, Part 2: Programmable Completion

Don’t miss the previous post in this series: Bash Tab Completion


With Bash’s programmable completion functionality, we can create scripts that allow us to tab-complete arguments for specific commands. We can even include logic to handle deeply nested arguments for subcommands. Read more on Bash Completion, Part 2: Programmable Completion…

Bash Completion, Part 1: Using Tab Completion

One of the most useful features I learned when I first started working with Linux was the “tab completion” feature of Bash. This feature automatically completes unambiguous commands and paths when a user presses the <TAB> key. I’ll provide some examples to illustrate the utility of this feature. Read more on Bash Completion, Part 1: Using Tab Completion…

SSL Certificate Expiration Checker

IT Operations teams frequently have the responsibility to ensure that SSL certificates for various websites are valid and renewed on a regular basis. While SSL certificate vendors often provide reminders and warnings when the certificates are about to expire, this is not always effective–especially when a variety of different SSL vendors have been used, or different parties are responsible for purchasing and maintaining the certificate.

To prevent SSL certificate expirations from going unnoticed, I wrote an application that checks the certificates from a variety of sites and ensures that they will remain valid for a certain number of days in the future.
Read more on SSL Certificate Expiration Checker…

Linux Utilities for Diagnostics

I spend a fair amount of time troubleshooting issues on Linux and other Unix and Unix-like systems. While there are dozens of utilities I use for diagnosing and resolving issues, I consistently employ a small set of tools to do quick, high-level checks of system health. These checks are in the categories of disk utilization, memory and CPU utilization, and networking and connectivity. Triaging the health of the system in each of these categories allows me to quickly hone in on where a problem may exist.
Read more on Linux Utilities for Diagnostics…

Recovering from Corrupt Revisions in an SVN Repository

Recently, I worked to recover a client’s corrupted SVN repository. While the best protection against repository corruption is good backups, these are not always up-to-date or intact. Unless there are backups, repository corruption will almost certainly result in some data loss.

However, by working around corrupt revisions, it may be possible to restore the repository to functionality with minor data loss, and potentially detect what data loss has occurred–if an up-to-date and intact working copy is available. Read more on Recovering from Corrupt Revisions in an SVN Repository…

Configuring Per-Locale Font Selection with FontConfig

As I gain experience programming, I find myself becoming more and more mindful about implicit assumptions I might be making while solving problems. Spending hours debugging timezone issues or unexpectedly time-sensitive date calculations has revealed that everything I thought I knew about time (and many other subjects) is wrong. Such experiences have led me to take more cautious approaches to new problems. Read more on Configuring Per-Locale Font Selection with FontConfig…