As we’re running Elasticsearch inside a VPC, everyone at the office could access directly to the Kibana endpoint and do nasty things. For now we just wanted to limit the access to certain people/groups we analyzed several options as
Make a SSH tunnel – Nasty solution, doesn’t scale at all, hard to configure, need user knowledge on how SSH tunnels works
Authentication using just Cognito – Limited to Cognito user pools, cannot be linked to IAM users, need to maintain 3 user groups (IAM, LDAP/Okta and Cognito), doesn’t scale at all.
Authentication using SAML and Okta: the preferred way. We have Okta for most of our applications, it works well with SAML so we gave a try
Some years ago my father shown me a pretty awesome piece of software created by Pieter-Tjerk de Boer. And I was absolutely surprised about this. Pieter built WebSDR, a software defined radio receiver thru Internet with the great gift of many simultaneous users listening to different frequencies.
Recently, Pieter added Raspberry PI support to his software, so it was a great moment to get hands dirty on this project: A fully automated Raspberry PI 3 powered WebSDR receiver. I had a spare Raspberry PI3, and also a RTL-SDR RTL2838u usb dongle ready to be used.
I asked Pieter for a copy of WebSDR, and he answered my email with an attached compressed file with webSDR binaries and files.