profile
viewpoint
Alex Brausewetter xoob @bluecanvas Berlin 👾On a mission to make low-code developers more productive.

xoob/macvim-config 2

My MacVim and Janus configuration folder

xoob/DoctrineORMModule 1

Zend Framework 2 Module for Doctrine ORM

xoob/homebrew 1

The missing package manager for OS X.

xoob/macvim 1

Vim - the text editor - for Mac OS X

xoob/ace 0

Ace (Ajax.org Cloud9 Editor)

xoob/appengine-java-vm-guestbook 0

App Engine Java Managed VMs example

xoob/auth0-delegated-administration-extension 0

This extension allows non-dashboard administrators to manage (a subset of) users.

xoob/bootstrap-ajax 0

a library for adding declarative ajax functionality to your website

xoob/chrome-cpu-profiler 0

View Top down, Bottom up and flamecharts of your node app in Google Chrome

xoob/docker-gitlab 0

Dockerized GitLab

startedmrparkers/terraform-provider-keycloak

started time in 12 hours

startedmingrammer/diagrams

started time in 5 days

issue openedterraform-providers/terraform-provider-aws

Add support for ApplyOnlyAtCronInterval to aws_ssm_association

<!--- Please keep this note for the community --->

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

<!--- Thank you for keeping this note for the community --->

Description

<!--- Please leave a helpful description of the feature request here. --->

AWS System Manager has the ability to skip the first run of a new association and only execute it at the next cron interval. This can be useful for things like periodic snapshots that you don't want to execute immediately after the system boots up. When editing an SSM association in the AWS Console, there's a checkbox labelled Apply association only at the next specified cron interval.

The AWS API call CreateAssociation accepts it as well:

ApplyOnlyAtCronInterval - By default, when you create a new associations, the system runs it immediately after it is created and then according to the schedule you specified. Specify this option if you don't want an association to run immediately after you create it.

Unfortunately it doesn't look like Terraform accepts this parameter. It would be great it you could add it.

New or Affected Resource(s)

<!--- Please list the new or affected resources and data sources. --->

  • aws_ssm_association

Potential Terraform Configuration

<!--- Information about code formatting: https://help.github.com/articles/basic-writing-and-formatting-syntax/#quoting-code --->

resource "aws_ssm_association" "example" {
  name = aws_ssm_document.example.name

  apply_only_at_cron_interval = true

  targets {
    key    = "InstanceIds"
    values = [aws_instance.example.id]
  }
}

References

<!--- Information about referencing Github Issues: https://help.github.com/articles/basic-writing-and-formatting-syntax/#referencing-issues-and-pull-requests

Are there any other GitHub issues (open or closed) or pull requests that should be linked here? Vendor blog posts or documentation? For example:

  • https://aws.amazon.com/about-aws/whats-new/2018/04/introducing-amazon-ec2-fleet/ --->

  • https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateAssociation.html#systemsmanager-CreateAssociation-request-ApplyOnlyAtCronInterval

created time in 14 days

startedantonbabenko/pre-commit-terraform

started time in 16 days

startedmanywho/awsinventory

started time in 17 days

startedGoComply/compliance-masonry

started time in 17 days

startedveeral-patel/how-to-secure-anything

started time in a month

startedOWASP/samm

started time in 2 months

push eventbluecanvas/node-bluecanvas-sdk

Alex Brausewetter

commit sha 6447794c5dbee9ac262ed392f73f643b73402302

Create shiftleft-analysis.yml

view details

push time in 2 months

push eventbluecanvas/node-bluecanvas-sdk

Alex Brausewetter

commit sha 39df83909375da6c1c75cecb4782e230e52a4538

Create ossar-analysis.yml

view details

push time in 2 months

push eventbluecanvas/node-bluecanvas-sdk

Alex Brausewetter

commit sha b3ca1af01542cbcad1ea0a572ac488fecdca4c7e

Create codeql-analysis.yml

view details

push time in 2 months

Pull request review commentbluecanvas/node-bluecanvas-sdk

api:tenant default OAuth scope, API updates

 class DeploymentsClient {     return resp.data;   } }++class ArchivesClient {+  /** @internal */+  private axios: AxiosInstance;++  /** @internal */+  constructor(axios: AxiosInstance) {+    this.axios = axios;+  }++  /**+   * Fetches a repository snapshot for the specified git revision as a gzipped tarball.+   *+   * @see https://docs.bluecanvas.io/reference/checks-api#get-archive+   */+  async getTarGzipBlob({ revision }: ArchivesGetTarGzipBlobRequest): Promise<ArchivesGetTarGzipBlobResponse> {

Will I be able to fetch the deploymentBranchName ref from this API? (That would be needed IMO to make it work with DR files in the PMD use case, where we want to process the prepared files with overrides.) in that case, the name ref would be more accurate.

tallen-bluecanvas

comment created time in 2 months

Pull request review commentbluecanvas/node-bluecanvas-sdk

api:tenant default OAuth scope, API updates

 interface Deployment {   phase: DeploymentPhase;   state: DeploymentState;   sourceBranchName: string;+  sourceCommit: string;   targetBranchName: string;+  mergeBranchName: string;

I suggest to call this deploymentBranchName on the public API, for clarity.

tallen-bluecanvas

comment created time in 2 months

Pull request review commentbluecanvas/node-bluecanvas-sdk

api:tenant default OAuth scope, API updates

 export class Client {    * Creates an Axios client with default options and logging attached.    * @internal    */-  private createAxios(config?: AxiosRequestConfig, disableLogging?: boolean): AxiosInstance {+  private createAxios(config?: AxiosRequestConfig): AxiosInstance {     const instance = axios.create(config);     instance.defaults.headers = this.options.extraHeaders || {};-    if (disableLogging) {

Without this condition, the request and response body of the OAuth 2.0 credentials exchange are logged. That’s a security issue we must defend against. (https://cwe.mitre.org/data/definitions/532.html)

tallen-bluecanvas

comment created time in 2 months

startedlyft/confidant

started time in 2 months

push eventbluecanvas/node-bluecanvas-sdk

Alex Brausewetter

commit sha 1e2b5701d4819144e658e28fad1b92e64fd47169

Commit missing type info

view details

push time in 2 months

startedoutline/rich-markdown-editor

started time in 2 months

startedpipxproject/pipx

started time in 2 months

issue commentsalesforce/design-system-react

Generate Typescript and Flow type definitions from existing prop-types.

I'm currently waiting for a number of pull requests to land before we continue on this.

girishla

comment created time in 2 months

pull request commentsalesforce/design-system-react

Teach 'npm start' to start foreground processes

Also you would need an issue logged for this. I actually logged one but I couldn't link them.

I've linked them and added #2527 to the description @kmmkwong

xoob

comment created time in 2 months

pull request commentsalesforce/design-system-react

Teach 'npm start' to start foreground processes

@kmmkwong How do we proceed from here, who needs to approve this change so it can get merged?

xoob

comment created time in 2 months

pull request commentsalesforce/design-system-react

Remove any use of `javascript:` URLs

@garygong, any more feedback about these changes? I'd like to get them merged before continuing on TypeScript compatibility...

xoob

comment created time in 2 months

startedAutodesk/continuous-threat-modeling

started time in 2 months

startedizar/pytm

started time in 2 months

more