| Task | Description | Example Tools |
|---|---|---|
| Install | Install the software binaries and all dependencies. | Bash, Chef, Ansible, Puppet |
| Configure | Configure the software at runtime: e.g. configure port settings, file paths, users, leaders, followers, replication, etc. | Bash, Chef, Ansible, Puppet |
| Provision | Provision the infrastructure: e.g. EC2 instances, load balancers, network topology, security groups, IAM permissions, etc. | Terraform, CloudFormation |
| Deploy | Deploy the service on top of the infrastructure. Roll out updates with no downtime: e.g. blue-green, rolling, canary deployments. | Scripts, Orchestration tools (ECS, K8S, Nomad) |
| Security | Encryption in transit (TLS) and on disk, authentication, authorization, secrets management, server hardening | ACM, EBS Volumes, Cognito, Vault, CiS |
| Monitoring | Availability metrics, business metrics, app metrics, server metrics, events, observability, tracing, alerting. | CloudWatch, DataDog, New Relic, Honeycomb |
| Logs | Rot |
Samuel Loh Yin Kang samloh84
samloh84
/ Export-Windows-Certificates.ps1
Last active
May 20, 2025 03:36
Export all certificates in MacOS keychain stores for use with scripts that need a PEM file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Set up paths | |
| $homeCertsDir = Join-Path $env:USERPROFILE ".certs" | |
| $outputFile = Join-Path $homeCertsDir "certs.pem" | |
| # Ensure ~/.certs directory exists | |
| if (-Not (Test-Path $homeCertsDir)) { | |
| New-Item -ItemType Directory -Path $homeCertsDir | Out-Null | |
| } | |
| Write-Host "Exporting all certificates from Windows trusted roots to: $outputFile" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -euo pipefail | |
| export DEBUG="${DEBUG:-0}" | |
| export RC_FILES="${RC_FILES:-}" | |
| export TF_HTTP_BACKEND_GITLAB="${TF_HTTP_BACKEND_GITLAB:-1}" | |
| if [[ "${DEBUG}" -eq 1 ]]; then | |
| set -x |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/bash | |
| set -Eeuxo pipefail | |
| git config --global user.name "Samuel Loh" | |
| git config --global user.email "[email protected]" | |
| git config user.email "[email protected]" | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SHELL := /bin/bash | |
| .SHELLFLAGS := -ec | |
| .PHONY: apply destroy refresh output | |
| TERRAFORM_TFVARS_FILE_PATTERNS := *.tfvars | |
| define _LOAD_AWSRC := | |
| if [[ -f "~/.awsrc" ]]; then \ | |
| source "~/.awsrc"; \ |
samloh84
/ production-grade-checklist.md
Last active
July 27, 2021 07:42
production-grade-checklist.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const luxon = require('luxon'); | |
| const DateTime = luxon.DateTime; | |
| const _ = require('lodash'); | |
| const axios = require('axios'); | |
| const qs = require('qs'); | |
| let getMasExchangeRate = function (date) { | |
| if (_.isNil(date)) { | |
| date = DateTime.now(); | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| AWS_PROFILE="${AWS_PROFILE:-}" | |
| AWSRC_CACHE_DIR="~/.aws/.awsrc" | |
| AWS_PROFILE_CACHE_JSON="${AWSRC_CACHE_DIR}/${AWS_PROFILE}.json" | |
| function get-session-token() { | |
| AWS_MFA_SERIAL=$(aws --profile ${AWS_PROFILE} configure get mfa_serial) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ARM_TENANT_ID="${ARM_TENANT_ID:-}" | |
| ARM_SUBSCRIPTION_ID="${ARM_SUBSCRIPTION_ID:-}" | |
| ARM_SERVICE_PRINCIPAL_CREDENTIALS_PATH="${HOME}/.azure/terraform_service_principal_credentials.json" | |
| AZURE_LOGGED_IN=0 | |
| AZURE_ACCESS_TOKEN=$(az account get-access-token --subscription "${ARM_SUBSCRIPTION_ID}") |
samloh84
/ gist:4d9faca52a47a1c143b935b6c4cd2e9f
Created
May 23, 2020 08:38
Logos for Commonly Used Tools
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://www.docker.com/company/newsroom/media-resources | |
| https://www.hashicorp.com/brand | |
| https://github.com/logos | |
| https://github.com/kubernetes/kubernetes/tree/master/logo | |
| https://www.ansible.com/logos | |
| https://git-scm.com/downloads/logos | |
| https://about.gitlab.com/press/press-kit/ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| for /f %G in ('dir /b /s *.sh') do (git update-index --chmod=+x %G) |
NewerOlder