Batch of updates

Author: eoinkelly

Caddyfile

@@ -0,0 +1,4 @@
+localhost:2020
+
+file_server browse
+encode gzip

assembler/assembler-arm/arm-basics.md

@@ -79,22 +79,29 @@ Data processing instructions have the following format
 * Immediate operand
   * lets you hard code operands into the instruction steam
 
+Each instruction:
+
 1. Takes one clock cycle to be loaded from memory
 2. Takes one clock cycle to be decoded
 3. Takes one clock cycle to execute
 
-In each clock cycle the processor is moving instructions through the load -> decode -> execute cycle
+In each clock cycle the processor is moving instructions through the
+
+    load -> decode -> execute
+
+cycle
 
 This works best with a linear block of instructions
 
-### THe ugly truth about addressing main memory with 32 bit instructions
+## THe ugly truth about addressing main memory with 32 bit instructions
 
 Notice that none of the operand boxes above are 32 bits so you can't directly put a whole memory address into it (e.g. when loading a value from memory)
+
 The biggest field in the instruction is the 12 bit "immediate operand"
+
 Question: So how do we address 32 bit values with only 12 bits available?
 Answer: It treats the 12 bits as an offset from the current value of the PC (so you can load any value within 4096 words of the PC)
     * some of the bits are used as a shift to increase that 4096 range
       * HOW???
 
-Happily assemblers take care of this drama for you.
-This does mean that what you read in an assembler listing will not match the assmebler you write
+Happily assemblers take care of this drama for you. This does mean that what you read in an assembler listing will not match the assembler you write!

assembler/assembler-arm/book-modern-assembly-lang-prog-with-arm-processor.md

@@ -37,7 +37,7 @@ There are three main ways of representing signed integers
     * the first digit is used to represent whether the number is positive or negative
         * this is subtly different to how it works in _sign magnitude_
         * number is negative if `first_digit > radix / 2`
-        * Aside: two's complement is not a more efficeint way to store numbers
+        * Aside: two's complement is not a more efficient way to store numbers
           (it is more efficient for doing computations with them)
     * the other digits represent the magnitude
         * the magnitude of a number can be found by taking its "radix complement"
@@ -50,7 +50,7 @@ There are three main ways of representing signed integers
     * to get the two's complement
         1. flip all the bits (to get the diminished radix complement)
         1. add 1 (to get to the radix complement)
-    * ++ hardware is simplified because you don't have to build a specialized subtractor circuit
+    * ++ hardware is simplified because you don't have to build a specialized subtracter circuit
     * ++ is the most common way to represent signed numbers in computers
     * -- harder for humans to do in their head
     * complement notation is most useful in base 2 (binary) numbers
@@ -108,15 +108,16 @@ first digit is the n+1 digit which we remove to subtract base^n from the number
 * Assembler uses ASCII NUL (0x00) to represent the end of strings in memory aka "the null terminated string"
 * ISO 8559 family of standards all extend ASCII to 8 bits
     * They are incompatible with each other e.g. ISO-8559-1 (Latin1) will map different glyphs to values 0x7F to 0xFF than ISO-8559-9 (Latin 5 Turkish) will
-* ISO/IEC 10646 Universal charaacter set solves this
+* ISO/IEC 10646 Universal character set solves this
     * defines code points (numbers) for almost all human languages
-    * code points written as `U+XXXXX`
+    * code points usually written as `U+XXXXX`
 * Unicode extends ISO 10646 with language specific features
 * There are a number of encodings available for codepoints from 10646 e.g.
     * UTF-8
         * variable length encoding
-        * uses the upper bits of each byte to identify whether it is the start of a new character of the continuiation of one
+        * uses the upper bits of each byte to identify whether it is the start of a new character of the continuation of one
     * UTF-16
+        * was the default on macOS and Windows (might still be?)
     * UTF-32
         * use 4 bytes for each character
         * ++ simple

assembler/assembler-arm/raspberry-pi.md

@@ -10,13 +10,11 @@ Includes the `Broadcom BCM2837` SoC
 * The Cortex-A53 supports the full ARMv8-A architecture.
 * It not only runs 64-bit applications also seamlessly and efficiently runs legacy ARM 32-bit applications.
 
-
 ## My Raspberry Pi 3
 
 * has 31 general purpose 64-bit registers
 * has 32 floating point (NEON) registers which are 128bits wide
 
-
 ```
 # specs for my Pi
 Revision	Release Date	Model	    PCB Revision	Memory	Notes
@@ -73,3 +71,4 @@ Serial          : 000000005319d64d
 
 # Raspberry Pi 4
 
+TODO

assembler/code-style.md

@@ -7,7 +7,7 @@ Overview
 
 * set tab width something consistent
 * instruction memonics and operand names in lowercase
-* lots of comments
+* use lots of comments
 * clear columns for
     * labels
     * instruction name

assembler/file-extensions.md

@@ -1,9 +1,8 @@
-`gcc` file extensions
+# Assembly file extensions
+
+`gcc` file extensions:
 
 * `.s` = assembly file
 * `.S` = assembly file that must be preprocessed with the C pre-processor (CPP)
-    * handy if you are mixing C and assembler in a project and you want to make use of your C macros
-
-The C preprocessor does things like #define #ifdef etc.
-
-ARM assembler provides `.eq` and `.ifdef` macros
+    * The assembler also has a macro system e.g. ARM assembler provides `.eq` and `.ifdef` macros
+    * This file type is handy if you are mixing C and assembler in a project and you want to make use of your C macros

aws/iam/policy-cheatsheet.md

@@ -0,0 +1,55 @@
+
+
+6 policy types
+
+1. Identity based
+2. Resource based
+3. Permissions boundary
+4. SCP
+    * The pattern in an ACP is to have one Allow statement which allows everything and then explicitly Deny things in granular way
+    * If an SCP is considered as part of a request, it **must** have an Allow for the action
+5. ACL
+6. Session policy
+
+Basics
+
+* statements are logical OR'd together
+* policies have a size limits which vary between type and can be extended https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html
+
+Important parts
+
+* `Principal` is sometimes required, sometimes forbidden
+    1. Identity based = forbidden
+    2. Resource based = required
+    3. Permissions boundary = ???
+    4. SCP = ???
+    5. ACL = ???
+    6. Session policy = ???
+* `Resource` is sometimes required, sometimes forbidden
+    1. Identity based = required
+    2. Resource based =  optional (if missing, it is set to the resource you are attaching it to
+    3. Permissions boundary = ???
+    4. SCP = ???
+    5. ACL = ???
+    6. Session policy = ???
+* `Action`
+    * always required
+    * list of actions
+    * not all actions apply to all services so sometimes if the `Principal` is set to `*` you can still constrain it to a service by choosing the right actions
+* `Condition`
+    * conditions which must be true for the statement to apply
+
+
+Evaluation
+
+Good diagram: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html
+
+Every principal except the root account is implicitly denied everything by default. The root account is allowed by default in their account
+
+1. AWS evaulates the collection of policies which apply to a given request
+1. An explicit Allow in a policy overrides the default implicit Deny
+1. An explicit Deny in a policy overrides any Allow in another policy
+
+* => so the policies must have an Allow for the action in the request
+* => but if another policy has an explicit Deny then the deny wins
+

aws/certified-solutions-architect-associate/well-architected-framework.md renamed to aws/well-architected-framework.md

@@ -3,27 +3,44 @@
 * A set of best practices for building on the AWS cloud
 * Created by AWS solutions architects (employees)
 
+## Framework Overview document
+
+Well Architected is:
+
+1. 5 part document
+1. WA tool
+    * part of the management console
+    * a workload = collection of aws resources that delivers some business value
+        * can be a subset of an account or can span multiple accounts
+    * kind of a Safeplus for AWS architecture
+1. WA labs
+    * https://www.wellarchitectedlabs.com/
+    * A set of tutorials about implementing some best practices
+    * Static site built from a github repo
+1. WA Partner program
+
 
 5 Pillars
 
 1. Operational excellence
     * run and monitor systems to deliver business value
     * continually improve supporting processes
-1. Security
+2. Security
     * protect information, systems, assets
     * risk assessments
     * risk mitigations
-1. Reliability
+3. Reliability
     * ability to recover from infrastructure disruptions
-    * dynamically aquire computing resources to meet demand
+    * dynamically acquire computing resources to meet demand
     * mitigate disruptions such as misconfiguration or network latency
-1. Performance efficiency
-    * use computing resources effeciently
-    * maintain that effeciency as demand changes and technologies evolve
-1. Cost optimization
+4. Performance efficiency
+    * use computing resources efficiently
+    * maintain that efficiency as demand changes and technologies evolve
+5. Cost optimization
     * deliver business value at the lowest price point
 
-When architecting, you make trade-offs between these pillars depending on business context e.g.
+When designing architectures, you make trade-offs between these pillars depending on business context e.g.
+
 * Trade off reliability for cost optimization in development environments
 * Security and operational excellence are generally not traded off against
 
@@ -35,6 +52,7 @@ Terms
 * Workload
     * a collection of components working together to deliver business value
     * is usually the level of detail that business & technology leaders discuss
+    * can be a subset of resources in an account or can span accounts
 * Milestones
     * mark key phases in your architecture
     * design, testing, go-live, production
@@ -71,4 +89,22 @@ They mitigate the risks by
 1. Mechanisms
     * automated checks for compliance to best practices to make sure standards are met
 
-UP TO GENERAL DESIGN PRINCIPLES
+### Operational excellence pillar
+
+5 design principles for operational excellence in the cloud:
+
+1. Perform operations as code
+2. Make frequent, small, reversible changes
+    * Design workloads to allow components to be updated regularly
+    * Ideally make small changes which can be reversed if they fail
+3. Refine operations procedures frequently
+    * e.g. regular game days
+4. Anticipate failure
+    * Test failure scenarios
+5. Learn from all operational failures
+    * Share learning between teams after events
+
+
+## Operational Excellence document
+
+TODO as are all other pillar docs