Scenario: A customer had an AD Domain joined fleet and configured through SAML (the only way you CAN log into an AD joined fleet) and after the password prompt the session was looping and asking for their domain credentials over and over again. Troubleshooting: After investigating the provided troubleshooting steps something was still blocking the […]
When using CloudReady OS it was noticed that downloaded (files saved directly on the device) mp4 and other video files were not playing audio when using the local ChromeOS player / default video player and the sound icon is greyed out. This also included previewing the same files direct from Google Drive. (Update, another reader […]
Summary AWS Guard Duty offers an enhanced security scan of all AWS services and how to better protect them based on your usage patters and well known vulnerabilities. General Observations GD Analyzes VPC Flow Logs, AWS CloudTrail events and AWS DNS logs. Console Notification for new findings – as they are analysed and discovered. Notification […]
Problem From time to time there seems to be some ongoing issues where Apple Mac OSX Security and Privacy Allow Button is not working. No matter how many times you click ‘allow’ it simple doesn’t function (yet the button highlights blue as if its been pressed) and this happens regardless of whether you unlock the […]
Scenario A customer had a requirement for Cloud Hosting With Multiple Proxy Servers and wanted to send some traffic direct to the internet (host or url whitelist), some hosts or urls to one proxy in their cloud hosting and some traffic via another proxy in another peered network in their cloud hosting. Solution Our solution […]
This policy will assign a specific user access to a specific bucket in s3 { “Version”: “2012-10-17”, “Statement”: [ { “Effect”: “Allow”, “Action”: [ “s3:GetBucketLocation”, “s3:ListAllMyBuckets” ], “Resource”: “arn:aws:s3:::*” }, { “Effect”: “Allow”, “Action”: “s3:*”, “Resource”: [ “arn:aws:s3:::mybucketname”, “arn:aws:s3:::mybucketname/*” ] } ] }
Situation Recently a customer received the following message ‘this OS/platform is not authorized to access your Workspace’ when connecting to newly built AWS Workspace instance whilst attempting to connect via ‘Web Access’ https://clients.amazonworkspaces.com/ In more recent WorkSpace Updates (Jan 2019) if you dont explicitly have Web Access enabled you will receive a ERR_CM_REQUEST_FAILED message This OS/platform […]
Problem This month on creation of a new image builder in AWS AppStream we noticed that the AWS AppStream 2.0 Image Builder X Drive was not being created. The X drive is the temporary drive for uploading and downloading files to and from the AppStream instance, and usually where we house deployment scripts, build scripts, […]
Scenario AWS AppStream 2.0 generates a SHA-256 hash of the users NameID for their Home Drive – when using SAML (aka Federated) authentication. This can potentially make it difficult to find the users home share if browsing from AWS S3 or for support teams when supporting users or uploading documents to the users ‘home drive’. […]
Situation When attempting to call AWS CLI commands we were receiving a CERTIFICATE_VERIFY_FAILED error message. We were using a proxy service. In this specific instance we were connecting to AWS IAM via zScaler Internet Access (ZIA) Example we were running a simple aws iam get-role –role-name vmimport Workaround include–no-verify–ssl to by pass the ssl verification […]