How can I look up an existing Internet Gateway in CDK? - aws-cloudformation

I'm using the FromLookup() method on the Vpc construct to get a reference to the default VPC in an account like this:
Vpc.FromLookup(this, "Default VPC", new VpcLookupOptions {IsDefault = true}); (C#)
Is there a way to do something similar for the Internet Gateway (IGW) that's created by default in that VPC? Alternatively, can I list the IGWs for an existing VPC? I need to get a reference to that IGW in order to add routes to it.
I came across this GitHub issue which shows a workaround using a Cfn escape hatch to get a reference to the existing IGW using its ID, but the need to manually look up and provide the ID breaks the automation we're trying to achieve. We need to spin up copies of these stacks in dozens of isolated accounts and having a manual lookup step is a deal breaker.
Also, the PR that addresses that issue only allows getting references for IGWs in new VPCs created as part of the stack, not existing ones.

Related

How to migrate D365 Business Units and their default teams and keep GUIDs

I've been trying to migrate some BUs and their default teams from our dev environment to a higher environment and keep the default teams' GUIDs the same in both envs but have not been successful. I tried changing the order I deploy them, ie tried deploying BUs before and after teams but it made no difference. The problem is when I deploy a BU, the system automatically creates a default team which I cannot delete or rename or even make non-default so that I could make the teams I want (with the same GUID) as default. Also I've tried different tools such as SDK's DataMigrationUtility and XrmToolBox's Data Transporter but the outcome is the same, i.e. I cannot get rid of the default team.
I would appreciate any advice on how to do this.
Thanks in advance
Default Teams for BU are created by system automatically and you cannot transfer them or create them or unassigned them.
Same is the case with default queue for Team (owner Team) you cannot create them, transfer them and unassigned them.
You could definitely transfer Teams (which are not default teams) but unfortunately the one you are trying is not possible.

Assign names to applications without Service Fabric

I have an application in the service fabric and I'm going to upload another one.
I wonder if it's possible to assign different names to each application.
With an application, I access using the address:
http://sf-spartan.eastus.cloudapp.azure.com
You can configure for access to look like this:?
http://application1.sf-spartan.eastus.cloudapp.azure.com
or
http://sf-spartan.eastus.cloudapp.azure.com/application1
Sure, have a look here. Use the ApplicationName argument to define it.
Every application instance you create must in fact have a unique name.
You can reach your application instance through its url by using a reverse proxy. (either the built-in one, or a custom one like Traefik)
Usually, the application and service name are part of the url, e.g.:
http://mycluster.eastus.cloudapp.azure.com:19081/MyApp/MyService
This does require a web based communication listener.
Event more info here.

Google Cloud SQL Database Delete Protection

I would like the ability to protect against the deletion of a cloud SQL instance. This seems like a good step to take to avoid actions from an angry employee or a regretful click.
Google added a deletion protection flag for Cloud SQL in August 2022.
https://cloud.google.com/sql/docs/mysql/deletion-protection
I couldn't find anything like literally protecting the instance vs deletion, but, you could use the predefined roles in your instance to try to protect your instances from, as you said, angry employees.
For example:
Keeping the role owner to yourself (assuming you are, indeed, the owner of this project).
Depending on the needs of the employees, you can probably assign them the role cloudsql.editor or similar. If this is too much, you can create your own custom roles to narrow down what you need.
As for a regretful click, there is no much you can do. You could regularly create an export and save it on one of your buckets, just in case you need to create again your instance after a 'regretful' click.
Well, terraform certainly seems to have added some kind of deletion protection on the GCP sql instance. When I try to "terraform destroy" , I get this error
Error: Error, failed to delete instance because deletion_protection is set to true. Set it to false to proceed with instance deletion
Perhaps this functionality was added after the OP had reported the issue - which is quite possible given how old this thread is.
A related issue which talks about this.

Routing using OSRM for multiple profiles - does profile in the URL actually do anything?

With ORSM there are 3 profiles for different modes of transport, cycle, foot and car. These come with OSRM.
According to the following post which was made 1 year ago, OSRM does not support multiple profiles:
OSM routing (OSRM): do I need to duplicate all data for different profiles?
Yet in the official documentation there is a profile argument as part of the URL called for retrieving a route from a running OSRM instance:
http://project-osrm.org/docs/v5.6.4/api/#general-options
The path would look something like this:
http://router.project-osrm.org/route/v1/driving/
Without driving, foot or cycle in the URL a route won't be retrieved so one of them is required for the API, yet if I compile a route for car on the server, but then use /foot/ in the URL to retrieve a route, it will still retrieve a car based route, completely ignoring 'foot'.
Could anybody from OSRM explain why something as useful as multiple profile support has been withdrawn, and what the point of driving is in the above URL seeing as it is ignored anyway and just appears to use the profile attached to the running instance of OSRM?
The solution to the problem of multiple profiles appears to be to host parallel copies of the routing machine for each profile and address different IP's, so again, what is the point of 'profile' in the URL?
Could anybody from OSRM explain why something as useful as multiple profile support has been withdrawn
The support has never been there. You will need to run separate osrm instances for each profile.
The URL option is merely there to make it easier to stick a nginx in front of your OSRM instances and distribute to the correct instance based on profile string.
We might implement multiple profiles in the same OSRM instance in the future, but this is still far out.

Is it possible to create a safe API for public editable data with MongoLabs?

This is related to Is there ReadOnly REST API key to a MongoLab database, or is it always ReadWrite and How does Mongolab REST API authenticate
I want to make it possible for unauthenticated users of my web app to create resources and share them. The created resource is an array of links ['link1', 'link2', 'link3'].
I'm looking at using MongoLabs directly from the client for this, which is possible through their REST api.
The problem though is that as far as I can see, if I do that, it would be impossible to prevent vandalists to clear out the entire collection rather easily.
Is this correct, and if so, is there a simple solution (without running a custom backend) to do something like this?
First off, you could create a "history", so if something goes wrong you can call on an easy command to restore records.
Secondly you might screen connected clients for abusive behavior; eg measure the number of delete or update commands in a certain timeset. If this get triggered you can call on your restoration process.
Note; i have no experience with MongoLabs whatsoever, but this - to me - would be a suitable safeguard in creating a public api.