Start Here
Insights
Concepts, decision points, troubleshooting patterns, and operator-facing field notes.
Topic Hub
AWS
AWS operations, hosting, identity, networking, storage, and future cloud runbooks.
Use this hub as a cross-surface map: start with insights for this topic, then branch into supporting tools, drills, and implementation work as needed.
Related Items40
Best First StopInsights
How To Use This Hub
16 Insights14 Toolchest10 Labs
Support Surface
Toolchest
Checklists, scripts, templates, and evidence packs you can use once the path is clear.
Support Surface
Labs
Hands-on build guides and validation environments for testing ideas end to end.
Insights
Insights that frame AWS
Insightssecurity-sensitive
OPNsense WAN DHCP failure after a MAC address or ISP lease change
Use this when OPNsense stops receiving the expected WAN DHCP lease after a reboot, VM move, NIC change, modem/ONT reset, or ISP equipment change.
Insightsreview-before-running
Troubleshooting AADSTS500200 Error When Using Personal Microsoft Account for Azure Resource Manager Access
Use this when AADSTS500200 appears because Azure Resource Manager access is attempted with a personal Microsoft account.
Insightsreview-before-running
Troubleshooting AWS Amplify GitHub Repository Reconnection After Ownership Transfer
Use this when AWS Amplify cannot reconnect to a GitHub repository after an ownership transfer or redirect change.
Insightschanges-system-state
Troubleshooting AWS Bedrock Agent Action Group Creation Failure with Claude 3.5 Sonnet - Tool Name Validation Error
5 Sonnet may fail due to tool name validation errors. Ensure the tool name meets AWS naming conventions and is unique before attempting to create the action group.
Insightssecurity-sensitive
Troubleshooting Azure Application Gateway: Fixing DNS Configuration to Resolve Internal Container App Connection Issues
Use this when Azure Application Gateway cannot reach an internal container app because DNS or outbound path resolution is wrong.
Insightssecurity-sensitive
Troubleshooting Azure OpenAI Realtime API Server Errors During Response Processing
Use this when Azure OpenAI Realtime API calls fail during session creation, streaming, or response processing.
Insightsreview-before-running
Troubleshooting Keyboard Lights Not Working in VMware Workstation
Use this when keyboard backlight or LED behavior stops matching expectations inside VMware Workstation.
Insightschanges-system-state
Troubleshooting Kubernetes Webhook Timeout: No Endpoints Available for AWS LB Controller and External Secrets during ArgoCD Sync
Use this when ArgoCD sync stalls on webhook timeouts or no endpoints available for the AWS Load Balancer Controller or External Secrets.
Insightschanges-system-state
Troubleshooting M365 Domain DNS Setup Issues
A Microsoft 365 domain DNS checklist for validating ownership, MX, Autodiscover, SPF, Teams/Skype records, propagation, and rollback before changing production mail flow.
Insightschanges-system-state
Troubleshooting PowerShell Scripts That Do Not Run and Show No Error
Use this when a PowerShell script appears not to run and no useful error appears.
Insightschanges-system-state
Troubleshooting RDP Disconnections on Windows Server 2025 due to Security Group Misconfigurations
Use this when Windows Server 2025 RDP sessions disconnect unexpectedly.
Insightschanges-system-state
Troubleshooting RDS Broker Connection Issues on Windows Server
Use this when Windows Server users cannot reach the expected session host because the RDS broker is not routing connections correctly.
Insightschanges-system-state
Troubleshooting RTX 4000 SFF Ada Passthrough GPU Reset Failure on ESXi 8 with Minisforum MS-02
A GPU passthrough checklist for RTX 4000 SFF Ada cards on ESXi 8 and Minisforum MS-02 hosts, covering firmware, VM settings, and validation.
Insightssecurity-sensitive
Troubleshooting RustRover Remote Docker Connections over SSH
Use this when RustRover cannot connect to a remote Docker host over SSH.
Insightsreview-before-running
Troubleshooting SQL Server BACPAC Import Error: Foreign Key Constraint Conflict SQL72014 Msg 547
Use this when a SQL Server BACPAC import fails with SQL72014 Msg 547 and a foreign key constraint conflict.
Insightsread-only
Validating File Migrations Before Cutover and Proving the Target Is Authoritative
Use this when you need a validation model that proves a migrated target is ready before users, apps, or cutover steps depend on it.
Toolchest
Toolchest assets for AWS
ToolchestScriptActive Directory and IdentityRead-only
AD stale computer cleanup report
A read-only Active Directory stale computer report for last logon, OU, operating system, enabled state, and cleanup planning.
ToolchestTemplateHybrid Cloud OperationsRead-only
Azure Arc bulk onboarding CSV and logging starter
Reusable starter for Azure Arc onboarding waves using a host CSV, dry-run expectations, per-host logging, and repeatable result tracking suitable for tickets, change records, and post-wave reporting.
ToolchestTemplateReporting and Evidence PacksRead-only
Azure Update Manager compliance workbook starter
Starter template for an Azure Workbook plus Resource Graph evidence pack that shows patch compliance, pending updates, unsupported coverage, and patch-group drift across Azure and Arc-enabled machines.
ToolchestChecklistDNS and DHCPRead-only
DNS and DHCP Health Check
A diagnostic DNS and DHCP triage flow that captures evidence, follows decision branches, and explains what each result means before changing anything.
ToolchestScriptConnectivity and Network TriageRead-only
DNS resolution and reverse lookup audit
A read-only DNS audit that compares forward and reverse lookup results across host lists and expected DNS servers.
ToolchestScriptFile, Backup, and Storage OperationsRead-only
File share permission audit
A read-only file share audit that records SMB share permissions, NTFS access, and ownership evidence for review.
ToolchestTemplateReporting and Evidence PacksPlanning aid
HTML operations email reporting starter
Reusable template for infrastructure scripts that produce an HTML email report with summary tiles, per-host results, failure sections, runtime metadata, operator notes, and a plain log. Designed to give admins a repeatable evidence format for tickets, maintenance summaries, and validation drills without embedding unsafe credential handling.
ToolchestChecklistActive Directory and IdentityRead-only
Inactive AD user disable review workflow
Two-phase review checklist for identifying inactive AD user accounts, validating inactivity evidence, applying exclusions, capturing approval, and preparing rollback details before any disable action.
ToolchestTemplateOperations TemplatesPlanning aid
Incident Note Template
A compact operator note format for capturing symptoms, checks, decisions, and follow-up while the issue is fresh.
ToolchestScriptActive Directory and IdentityRead-only
Local administrator group audit across Windows endpoints
A read-only local administrator audit that records privileged group membership across Windows endpoints for review.
ToolchestChecklistMigration and CutoverChanges system state
Robocopy migration cutover checklist and evidence pack
Operator checklist and evidence structure for file migration cutovers using Robocopy. Covers pre-copy checks, dry-run evidence, final sync readiness, exclusion review, validation samples, rollback details, and signoff artifacts suitable for tickets and change records.
ToolchestScriptSecurity and Exposure ChecksRead-only
Windows firewall rule audit
A read-only Windows Firewall audit that records enabled allow rules, ports, profiles, and address scopes.
ToolchestChecklistPatch and Reboot ReadinessChanges system state
Windows Update readiness and repair evidence pack
A patch readiness and repair evidence pack for reboot state, servicing health, update logs, and approved repair actions.
ToolchestChecklistPatchingChanges system state
Windows Update Repair Checks
A staged Windows Update troubleshooting path that starts read-only and escalates only when needed.
Labs
Labs and build work for AWS
LabsHome Automation and IoTHome Assistant CoreIntermediate
Build a Home Assistant Starter Lab with Dashboards, Backups, and Room-by-Room Entity Organization
By following this guide, you will set up a Home Assistant lab that includes customizable dashboards, automated backups, and organized entities for each room in your home.
LabsNetwork and DNSNetwork VisibilityIntermediate
Build a Home Network Visibility Dashboard with ntopng, Syslog, and VLAN Traffic Summaries
Build a home network visibility dashboard with ntopng, syslog, and VLAN summaries for quick traffic checks.
LabsMonitoring and ObservabilityLogs and AlertingIntermediate
Build a Log Aggregation Starter Lab with Loki, Grafana, and Service-Specific Dashboards
Set up a starter log stack with Loki and Grafana so service logs land in one place and can be checked during incidents.
LabsSelf-Hosted Services and ProductivityDocs and File WorkflowsIntermediate
Build a Self-Hosted Password Vault Lab with Vaultwarden
A self-hosted Vaultwarden password vault with backups, recovery notes, and practical safeguards for family use.
LabsNetwork and DNSNetwork VisibilityIntermediate
Build a Small Office Network Monitoring Stack with LibreNMS, Syslog, and Alert Routing
A practical setup for a small office network monitoring stack using LibreNMS for network visibility, syslog for log management, and alert routing for notifications.
LabsHome Automation and IoTSensor and Camera AutomationIntermediate
Build a Smart Power Monitoring Lab with Home Assistant
A smart power monitoring lab that turns Home Assistant energy data into dashboards, thresholds, and household alerts.
LabsMonitoring and ObservabilityUptime and StatusIntermediate
Create a Homelab Uptime Dashboard with Docker, Grafana, and Simple Service Health Checks
A practical setup for a homelab uptime dashboard using Docker and Grafana.
LabsSelf-Hosted Services and ProductivityDocs and File WorkflowsIntermediate
Create a Self-Hosted Document Workflow with Paperless-ngx, OCR, and Backup Validation
Build a self-hosted Paperless-ngx workflow that turns scanned documents into searchable records and includes a backup check you can repeat.
LabsMonitoring and ObservabilityUptime and StatusIntermediate
Create an Uptime Kuma and Grafana Homelab Monitor with Status Pages and Escalation Rules
A homelab monitoring stack that pairs Uptime Kuma status checks with Grafana views, status pages, and escalation rules.
LabsPowerShell and Admin AutomationReporting and AuditsIntermediate
PowerShell Toolkit for Rotating Local Admin Passwords and Auditing Privileged Access Drift
Create a PowerShell toolkit for rotating local administrator passwords and checking privileged access drift across Windows machines.