Why are you just allowing anything outbound or inbound? You can specify Allow/Deny on any combination of source subnet, dest subnet, source port, dest port for starters. That gets you a pretty comprehensive ability to lock down a VPC on its own.
Just in case those IPs are within your AWS account: you can apply a single security group to those machines and then use that security group as the destination in the outbound rule.
If they're outside your account then, you're right, that's a shortcoming in AWS (Azure and GCP both allow multiple destinations in a single rule).
Dumb question: if the IPs are coming from Route53 for web addresses, why don't you just point them as aliases to the same load balancer? Done and done, right?
The dealership model exists outside of the US where it's legally enforced as well. Most businesses are pretty good at their core business but not so good outside of that, and the same is true for the automotive industry. Manufacturers are good at designing and manufacturing vehicles, but retailers in general are much better at selling them and managing the customer relationship. Many manufacturers outside of the US sell direct to consumer alongside private retail dealerships, and in general they are outperformed by the private dealerships.
Your argument makes sense in theory and yet I can't think of a single retail shopping experience that's worse than going to a dealership. I've been putting off replacing two cars because the experience is so awful.
What specifically are the problems you have? I'm interested in this because I've been working in the automotive retail industry for the better part of my career, and it's my job to provide technological solutions to improve the customer experience in dealerships.
The problem isn’t tech, it’s sales and marketing. The OEMs advertise a low starting price. Once you’re in the door a salesman who can’t tie his shoelaces tells you that heated seats are only available on the super-luxury XSEL++ model which costs 1.5-2x as much. Then you have to negotiate with some other guy over pricing. Then some guy who the dealership hired away from the mafia tries to sell you the most expensive financing imaginable. Then he tries to sell you underbody liner and some other junk. Three hours later you have a car.
It would be nice if almost everything was included and if I didn’t have to haggle like some I’m at a flea market.
Yep, this is a common complaint and it's starting to be addressed. An example is Lexus have introduced Lexus Plus which is a program that offers zero negotiation and a single point of contact. Problem is there's a non-significant portion of the customer base that wants to negotiate and enjoys the experience of going around between different people in a dealership. For a big purchase like a car they want to feel like they're being given options and a say in the price. Retaining the experience they enjoy, but providing the opposite for others is a challenge.
There isn't an expectation that you will put in all the time required to completely learn a game, but there is an expectation that you will put in the time required to have a basic understanding of the game. As a parent you should know what games your children are playing, the type of content they're being exposed to within those games, and the amount of time they're putting into them. If you're not willing to put in enough time to know what your children are doing then don't have children.
Not really. In lots of relatively large companies there is a good relationship between infrastructure, development and security teams and they will work to find a solution that works for everybody.
You also pay for support so that when your senior engineers all pack up and start their own business together you can ring somebody to keep your infrastructure running while you find more people with the right level of knowledge.
Except that's not really what break-fix support covers. Specifically, support doesn't typically touch your infrastructure; it provides advice, documentation and patches which a local team needs to actually implement.
Advice is the key here. If you're in a situation where literally your entire team goes then you've probably got bigger problems, but when you lose some key people having professional support available to guide your juniors is beyond useful.
I use Linux on my workstation, Windows at work, and Mac on my laptop. I don't get what's so terrible about the Finder. If anything, it makes you miss column view in other desktop environments (and space to preview!). [An aside, regarding Open/Save file dialogs: dragging a file into an open dialog is great, and neither Windows or Linux have been able to do copy that functionality. The best you can do is to copy and paste a path.]
I've asked this before and I've never received a list of grievances which led me to conclude that people are just not familiar with Finder.
Have you used ranger, Linux's command line visual file manager? You might like it. Navigate directories/files with arrow keys, space to open/view, ton of shortcuts for eg copy/paste/move/rename etc.
You're right that the problem is unfamiliarity rather than a lack of features per se, but since every other GUI file manager 'just works' (I can intuitively tell how to do basic tasks) and finder doesn't I think it's a legitimate complaint.
