Idempotence when extending AWS security group rules in Terraform

Terraform behaves strangely when aws_security_group and aws_security_group_rule are mixed to extend the rules of one AWS security group.

Context: the mix makes each apply non-idempotent, even when nothing in the IaC has changed.

  • Create one security group using aws_security_group with some predefined inline rules
  • Extend that security group with more rules (rows) by adding discrete aws_security_group_rule resources
  • On every terraform plan/apply, Terraform re-creates the rules, which breaks the idempotence of the result.
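
The conflict described above, as an added example (not the post's own sample code): the first pair of resources mixes an inline ingress block with a standalone aws_security_group_rule on the same group, the second declares every rule as a standalone resource. Resource names, the vpc_id variable and the CIDR range are constructed for illustration.

```hcl
# Constructed example: names, var.vpc_id and the CIDR are placeholders.
variable "vpc_id" {
  type = string
}

# Mixed style: a diff shows up on every plan.
# The inline ingress block makes this resource manage the group's whole
# ingress set, so the rule created by mixed_ssh below is treated as drift.
resource "aws_security_group" "mixed" {
  name   = "example-mixed"
  vpc_id = var.vpc_id

  ingress {
    description = "https"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["10.0.0.0/16"]
  }
}

resource "aws_security_group_rule" "mixed_ssh" {
  type              = "ingress"
  security_group_id = aws_security_group.mixed.id
  description       = "ssh"
  from_port         = 22
  to_port           = 22
  protocol          = "tcp"
  cidr_blocks       = ["10.0.0.0/16"]
}

# Single style: the group carries no inline ingress/egress blocks and every
# rule is its own aws_security_group_rule, so a second plan reports no changes.
resource "aws_security_group" "split" {
  name   = "example-split"
  vpc_id = var.vpc_id
}

resource "aws_security_group_rule" "split_ingress" {
  for_each          = { https = 443, ssh = 22 }
  type              = "ingress"
  security_group_id = aws_security_group.split.id
  description       = each.key
  from_port         = each.value
  to_port           = each.value
  protocol          = "tcp"
  cidr_blocks       = ["10.0.0.0/16"]
}
```

The AWS provider documentation warns against combining inline rules and aws_security_group_rule resources on the same group. Terraform also removes AWS's default allow-all egress rule from groups it creates, so outbound access for the split group needs its own aws_security_group_rule of type egress.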

Sample code at:


The art of on-call duty

Being on-call means working on and fixing live issues under high pressure, almost always around midnight and/or on weekends.

  • Taking strong responsibility for what we work on, for what we did, and for what we build
  • Uptime is an important metric, and is critical to the success of our production.
  • If our product is down, we acutely feel our customers' pain
  • Being on on-call duty means we can learn a lot from it, both in technical knowledge and in growing our mindset.
  • Each on-call duty shift must be highly paid, because it is stressful.


Some meaningful thoughts for entire 2018

This post is a reminder, only for myself, of the learned points, thoughts, ideas and mindsets about how to do and live better in 2018. I logged them because I am scared that I will forget and go wrong, or make the same mistakes again and again.

  • Time is a fixed resource and the most important one; if you care too much about nonsense things, you will have no time for the really right and important things in your life.
  • Run, think and improve continuously, whatever it is, small or big things, every day. Living today in the same state as yesterday does not mean staying the same; it means lagging behind others.
  • Write things down, document them well, or take notes somewhere, because the human brain forgets; but make sure you never forget mindsets and core thinking techniques (like critical thinking, SWOT analysis, …). Details can be forgotten, but the core must stay in the brain, seriously.
  • You must know why you do what you do.
  • You should have private time for yourself (every week): no smartphone, no laptop, no people, just you, thinking about the past week or meditating to train attention and awareness and reach a mentally clear and emotionally calm state.


Critical vulnerability on policykit of systemd

[CVE-2018-19788]: A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.

Find out more about CVE-2018-19788 from the MITRE CVE dictionary and NIST NVD


Debian on android shell

Goal: I had one old Android phone with a broken touch/gesture layer. One day, I found it in a dirty old place.

  • I wonder how I can make it better, with more usability.
  • How can I make it work exactly as I need?
  • How can I transform this old phone into a super tiny Linux machine with an interactive shell?

Device: Xiaomi Mi4W LTE, Android 6.0.1 MMB29M
Specs: Qualcomm MSM8974PRO-AC Quad-core max 2.5GHz, 3.00 GB memory, 16GB disk
Kernel: 3.4.0-gf4b741d-00690-gc8911e
Arch: armv7l