Interesting Bits #1

 ·  ☕ 4 min read
🔖
  • Interesting Bits

    • Misspelled characters, Unexpected AWS achievements

    1

    One of my favourite characters is the lowercase Greek letter ‘L’ called ’lambda’. I don’t know why I like it, perhaps it was after I played Half-Life; or perhaps it was when it was used for eigenvalue when I was learning linear algebra.

    Either way, I do use the symbol every now and then. But alas there is no \(\lambda\) symbol on the keyboard, hence to use it I would need to copy it from either the web or from a built in feature of Microsoft Windows called ‘Character Map’.

    Character Map allows you to search a vast array of symbols which can be copied to the clipboard and pasted wherever you want to use that symbol.

    One time when I was looking for \(\lambda\), I was unable to search for it. After manually browsing through all the greek letters I eventually found it; only to discover that it was actually misspelled.

    Here’s a screenshot:

    ’lambda’ is spelled ’lamda’ in windows charmap

    Note that is is spelled ’lamda’ and is missing the ‘b’. You would think that the Windows developers would have taken extra care with this symbol given it is ON THE F****N’ APP ICON!

    Lambda symbol on the charmap icon

    This annoys me. Greatly.

    2

    I work with AWS CloudFormation often as part of my day job but rarely hit the limits. (at time of writing) some of the documented limits include:

    • 200 stacks to an account (can be increased by request)
    • Description fields can not exceed 4096 characters long
    • A template cannot exceed 60 parameters or 60 outputs.

    There are a number of bugs I have encountered:

    • If you use the S3 URL when referencing a template, it cannot contain any spaces. This means neither the bucket name, any or the folders, nor the template’s filename can contain a space or CloudFormation will complain that you need to provide an S3 URL.
    • (This might have been fixed or not an issue with the new console but) When you update a template buy poviding an S3 URL and the update fails; then you upload a new template to S3 (now fixed as to resolved the reason for failure) and try again, it will try and use the old template. Becuase the S3 URL you gave was the same it seems to have cached the old template and will htus fail again.
      • This can be resolved by giving a different URL or pasdsing it though the designer (hence it uploads a copy the the automatically generrated cf-templates bucket and use that URL)

    There are a number of other limits that are not on the FAQ or are not documented… things I discovered by trial and error:

    • Logical names can not contain non-alphanumeric characters
    • The reason for this post

    I was recently working on a stack for a customer. The stack had only a few resources but there existed 3 SGs with rules that allowed all traffic. I reasoned that this was OK as I new that the 2 servers communicated on a huge range of ports.

    Well the customers security guy wouldn’t sign off on it and the customer was very insistent they it be restricted to only the required ports.

    So I go about adding all the rules but when it came time to deploy it I hit a limit I had totally forgotten about: A stack cannot exceed 200 resources.

    My solution was to have the security group rules as their own stack, and this worked for a while… until the customer remembered about a number of other ports they needed to add. So I added the new rules… and hit the limit again. Double Achieve!

    I eventually had to split the SG rules stack into an SG rules stack per SG. I won’t be able to go for the triple achieve as I will hit the limit of SG rules per SG first (although I’m getting close to that). All because some security guy won’t allow all ports between Active Directory Domain Controllers.

    Kieran Goldsworthy
    WRITTEN BY
    Kieran Goldsworthy
    Cloud Engineer and Architect

    ©2024, All Rights Reserved

    What's on this Page