The blog

Restrict s3 access to an ec2 instance

Thu, 08 Jan 2015 00:00:00 +0000

I’ve been rambling since yesterday trying to find an elegant way to restrict access s3 access to an ec2 instance. I wish it was more obvious.

So anyway the trick is to assign an elastic ip to your ec2 instance and apply the following bucket policy

{
  "Statement": [
    {
      "Action": [
        "s3:GetObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::<bucket_name>/path/*",
      "Condition": {
        "StringEquals": {
          "aws:SourceIp": "<elastic_ip>"
        }
      },
      "Principal": {
        "AWS": [
          "*"
        ]
      }
    }
  ]
}

so now we can do wget https://s3.amazonaws.com/bucket-name/path/filename and it will work.

/dev/log Jan 5th 2015 DNS security

Tue, 06 Jan 2015 07:41:44 +0000

I learned a lot about dns and how dns poisoning attacks work. DNS was first built in the 80s and like The Internet protocol suite and UNIX before it, It is super awesome ! As the article below rightfully suggests its a distributed Key-value store before it was cool.

Here’s a well written article from cloudflare explaining how DNSSEC and dns attacks work.

/dev/log Jan 4th 2015

Sun, 04 Jan 2015 07:30:57 +0000

Downloading llvm, I’m following the getting started guide. Dammit they’re still stuck with subversion. In one way its a good thing, I don’t have to wait ages for the repo to download on a slow connection.

llvm + clang takes ages to compile I probably need something faster than my i3 8gig machine.

No more rambling, complaining or cynicism

Sat, 03 Jan 2015 08:49:39 +0000

As the title says I will not be writing anymore confused, irritated posts infused with cynicism.

On the technical side, comments on this blog are now optional i.e I can optionally enable comments for certain posts that I deem comment worthy.

This year's first day in office

Fri, 02 Jan 2015 18:56:41 +0000

Well the first day in office for the year. Nothing particularly interesting. I need to stay up more at night and work. The drive home is kinda getting to me. Too tired to work especially after dinner so I end up falling asleep. Need to stay awake more. Anyway its a friday so no office tomorrow YAY ! Nope, I’ve got work to do.

A New Year Yay! Nope !

Thu, 01 Jan 2015 08:32:28 +0000

Well its 2015, a year that begins on a thursday. I wake up to 500+ messages on whatsapp. Thats right I slept through the birth of the new year. So what ?

The day began as usual until the emergency, lets just say I had to visit the hospital, thankfully not for myself. Here is a lesson for the new year stay safe on days surrounding holidays because doctors aren’t easy to find because they have families too.

New year ? Its just another day

Wed, 31 Dec 2014 08:48:28 +0000

Too many expectations

New Year huh ? A lot is expected of tomorrow. New year resolutions, Things are going to be better, Optimism, wishes blah blah. Don’t get me wrong, I’m not a pessimist, neither am I an optimist. I just don’t need another day to postpone things to. I’ll start becoming better on Thursday, on Jan 1st. When was the last time new year resolutions worked ?

Why a holiday ?

Why is the first day of the year even a holiday ? If you expect the year to get better then its best to start now.

You know what I’m stopping right now. I’m going to go work !

Hello World!

Tue, 30 Dec 2014 08:33:28 +0000

So this is the first post eh ? Well here goes.

I’ve just managed to setup my domain with a blog hosted using github pages. The source code can be found at gautamk/gautamk.github.io