AWS IAM Roles

One of the limitations of Amazon AWS’s EC2 IAM roles is that the instance role MUST be assigned at “launch” time.  This is distinct from the “Start” action on an instance that was running and has been stopped.  In order to associate a current instance with a new or existing IAM profile, you must create a new instance.  This can be done by creating an image from the current instance and launching that.

Once an IAM role has been assigned, you may alter it.  This suggests that best practice is to always launch an instance with SOME IAM role.

Are the command line tools related to IAM roles?  YES, although it’s not specified, AWS command line tools will find the role of the instance they’re on, even if it’s not AWS Linux.

Assuming a role

http://docs.aws.amazon.com/cli/latest/userguide/cli-roles.html

First Impressions of iOS 9

  1. The virtual keyboard shows lower case letters when you’re entering in lowercase.  Yay!
  2. Low power mode: the OS turns off or tones down some of the expensive battery-consuming functionality.  Don’t know yet how effective this is, but anything is an improvement over involuntarily burning through battery charge until the phone arbitrarily quits.
  3. We still can’t get rid of built in apps.  I’m not buying an Apple watch, Apple!  I don’t need your mandatory app.

Business Book Reading List

I appreciated this article on which books are worth reading.  The premise is that nobody should be reading “business card books” which tout the author’s credibility, books that aren’t long enough to be worth a book, and actually good books.

I don’t agree that even most business books fall neatly into one of these categories, but I do appreciate the list of “good books”:

“MASTERY” by Robert Greene
“BOLD” by Peter Diamandis and Steven Kotler
“OUTLIERS” by Malcolm Gladwell
“WHERE GOOD IDEAS COME FROM” by Steven Johnson
“MAN’S SEARCH FOR MEANING” by Viktor Frankl
“BORN STANDING UP” by Steve Martin
“ZERO TO ONE” by Peter Thiel
“QUIET” by Susan Cain
“ANTIFRAGILE” by Nassim Taleb
“MINDSET” by Carol Dweck

I’m starting with Nassim Taleb’s book: he seems to have dozens of quotable references in every book he’s written.

Getting Mac Yosemite to Sleep

I’ve had numerous issues with convincing my Mac Pro 1,1 to sleep, and almost equal problems keeping it from sleeping when it’s in the middle of doing work I actually want done.

Apple’s site is quite helpful here, when I tried everything on the list.  I suspect that Bluetooth and/or network waking is the issue.

https://support.apple.com/kb/PH18596?locale=en_US

Appending PHP Paths

Mr. Google recommends three different methods for appending additional directories to the PHP include_path:

1. Modify php.ini to set the include path to the desired settings

2. Use .htaccess to do the same

3. Set the path from within code with set_include_path()

All of these, to me, suffer from serious problems.  What I want, as for any time I’d like to include additional functionality via code and libraries, is for those libraries to be available globally, and to be set at the meta-level of the code.  That is, the environment should determine where libraries are stored, and the code should know nothing about it.  While using set_include_path() within code isn’t objectionable, there must still be a mechanism for the code to determine what the path should be.  The code shouldn’t know or care, for example, where it is stored, let alone where the libraries it relies on are stored.

The ostensibly correct answer is to set the path in php.ini.  But because this is a setting and not a command, there’s no way to include the existing default elements of the path in addition to the libraries you’d like to include.  You could of course determine what the default values are (which are hard-coded into the compiled PHP executable) and add that to your setting, but hard-coding anything means that changes to later versions of software have now been overridden in a non-obvious way.

My solution of the day is to create a symbolic link in one of the default included directories that refers to a folder with the libraries I want.  Because this link requires a name, there’s the additional benefit that including any of my own functionality is obvious from the include line:

require_once('my_libraries/my_project.php');

Multiple Return Addresses for Mac Mail

It’s handy to have multiple email addresses if you have multiple contexts in which you interact with people.  You could create separate mailboxes, but that both prevents you from mixing emails if you want to, and requires extra administration.

It’s easy to configure this with Mac Mail in Yosemite.  In the “email address” field on Accounts | Account Information, just separate multiple email addresses you want as possible return addresses with commas.

You’ll then get a dropdown list of choices for which email address you want to send from when you email.  Of course, you’ll have to make sure that those addresses are actually forwarded to your mailbox by creating email aliases with your mail server, or using a catch-all.

Dave McClure’s AARRR: Startup Metrics for Pirates

Dave McClure’s Ignite Seattle talk on metrics is worth the five minutes and 14 seconds it takes to watch.

“There are five steps…

Acquisition – where users come from.  What are high volume channels, what are low cost channels, and what are best performing conversion channels?

Activation – a happy first experience.

Retention – they come back

Referral – they tell other people.  Don’t try to do viral marketing campaigns until your product doesn’t suck.

Revenue – you make money”

What I Wish I’d Known About Amazon’s AWS S3

While S3 stands for Simple Storage Service, there are a number of configuration options for rights management that are somewhat complex, and not presented in the same way through the console as they are available through either the API or the AWS console.  Had I known these things earlier, it would have saved me time.

1.  An Amazon Retail Account is Linked to an AWS Account

2. The set of rights shown on the console does NOT align with the rights through the API.

As shown, the available rights for the Grantee are only:

List

Upload/Delete

View

Edit Permissions

This is a dramatic oversimplification of the control available through bucket policies and the API.  For example, upload and delete rights are separate privileges, allowing you to create an account which can provide new files to S3 in a bucket, but doesn’t have the right to delete anything, even files uploaded through that account.

3.  The rename function requires delete privileges

I can’t find this documented, but renaming any resource, including a folder, requires that delete privileges be granted.  That’s an unfortunate limitation, since it might be useful to do anything but remove data.  Still, better to plan ahead, knowing you can’t rename.

4.  Renaming a file through the console without permissions fails silently

This seems like a bug, but rename simply doesn’t succeed.  Your only indication of failure is that the file is not updated to the new name in your browser.

5. S3 Doesn’t Support Directories, But…

Creating a “directory” doesn’t behave as it does on an operating system, but neither is it merely a simulation.  You can create a “directory” that’s empty and something is there on the system.  But you can also change your mind about what character separates virtual path elements.
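
Points 2 and 3 above, as an added example that is not part of the original post: a simplified policy check showing why an account that may upload but not delete cannot rename. The bucket name, keys and policy are constructed, the evaluator covers only Effect, Action and Resource, and it assumes a rename is carried out as a copy followed by a delete of the original.

```python
from fnmatch import fnmatchcase

OBJECTS = "arn:aws:s3:::example-bucket/*"  # constructed bucket name

# Constructed policy: everything except removing data.
NO_DELETE = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "s3:*", "Resource": OBJECTS},
        {"Effect": "Deny", "Action": ["s3:DeleteObject*"], "Resource": OBJECTS},
    ],
}
# Same policy without the Deny statement, for comparison.
FULL = {"Version": "2012-10-17", "Statement": NO_DELETE["Statement"][:1]}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def is_allowed(policy, action, resource):
    """Simplified evaluation: explicit Deny wins, then Allow, else implicit deny."""
    allowed = False
    for stmt in policy["Statement"]:
        # Action names match case-insensitively, resource ARNs case-sensitively.
        if not any(fnmatchcase(action.lower(), a.lower())
                   for a in _as_list(stmt["Action"])):
            continue
        if not any(fnmatchcase(resource, r) for r in _as_list(stmt["Resource"])):
            continue
        if stmt["Effect"] == "Deny":
            return False
        allowed = True
    return allowed


def rename_steps(bucket, old_key, new_key):
    """Assumption: a rename is a copy to the new key, then a delete of the old."""
    prefix = f"arn:aws:s3:::{bucket}/"
    return [
        ("s3:GetObject", prefix + old_key),     # read the source for the copy
        ("s3:PutObject", prefix + new_key),     # write the copy
        ("s3:DeleteObject", prefix + old_key),  # remove the original
    ]


def missing_permissions(policy, steps):
    """Return the actions in `steps` that the policy does not permit."""
    return [action for action, res in steps if not is_allowed(policy, action, res)]


if __name__ == "__main__":
    steps = rename_steps("example-bucket", "drafts/a.txt", "final/a.txt")
    print("no-delete policy blocks:", missing_permissions(NO_DELETE, steps))
```

Running the same check against a policy before handing it to an uploader account shows up front which console operations, rename included, that account will not be able to complete.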