We can consider it if there's a demand for it. Btw, CloudAlarm only requires a read-only access [0] to the Azure subscription, so certainly we can't make any changes to the resources.
Good question. In addition to a budget amount, Azure requires you to specify a threshold value – a percentage of the budget – and triggers an alert only when your consumption hits that value. CloudAlarm, on the other hand, only requires you to specify the budget and notify you if your current consumption is estimated to exceed it.
For instance, suppose you set a budget of $1000 and a threshold value as 50%. Now suppose that someone creates a resource accidentally with a wrong tier – say an expensive SQL database – that has a cost of $50 per day while the need and approval was for a $1 per day tier. You also have other resources costing $30 per day so total cost is now $80 per day.
With Azure budget actual-based alerts, you'll likely get notified on the 8th day by which time you have consumed 50% ($560) of your budget, of which $350 is the cost of that database alone instead of $7. With Azure budget forecast-based alerts, you'll still get notified after a few days again when you've consumed 50% of your budget as per the forecasted cost for the month. We're not privy to the exact algorithm that calculates forecast cost, but in either case the important point is that you need to have consumed a threshold or percentage of your budget amount before you get notified.
For the same scenario of $80 being spent per day, CloudAlarm will alert you on the 2nd day itself by which time you've spent only $50 (instead of $350 as in case of Azure budget alerts) on the wrong tier of SQL database.
CloudAlarm has to wait for a day because Azure doesn't provide a way to know the actual cost for a given resource, until that resource has been consumed for a day. However, with 'New Resource' alarms (not available in Azure) you can even bypass this limitation by setting up alarms to notify you if a resource is created in tiers you don't expect to use. resource alarms are run every few minutes so you'll not even consume few dollars for the same database scenario and you'll get notified of the mistake. You can immediately amend the tier and literally save yourself almost the entire cost – and a charge of $2 or so for an hour would be the cost incurred instead of hundreds of dollars if you had relied on Azure budget alerts.
The forecast alert also requires a threshold amount so essentially you have to consume that threshold before Azure will notify you. Additionally, the consumption calculation will be based on Azure forecasting algorithm, which usually can be way off from the actual consumption as it relies on historical consumption data.
I don't believe drugs whether prescribed or recreational can cure Mental disorders. yes they may alleviate the symptoms but they don't really work on the root cause which are basically ones mental tendencies, thought patterns or habits acquired over a period of time. here[0] is a different take on what depression is and gives a high level road map to come out of it, for more details this [1] is a book by the same author and for testing out if those methods work here is an app [2] again from the same monk.
p.s i have followed all three & i must say the quality of life has improved considerably
The good news is that studies such as this produce empirical, scientific evidence that supercedes anecdotes and individuals' belief patterns -- whether they're negative or skeptical (as yours) or hyper-positive cure-alls (eg from psychonauts)
Before science can appreciate the mental/causal causes of the depression and related diseases, it needs to find an evidence for and establishes the separation of mind from physical brain. Hopefully an intensive exploration of consciousness and intelligence will lead to some empirical conclusions.
But that’s exactly what psychedelics do, they rewire the brain. In neuroscience terms they disrupt the default mode network. In other words they open your mind up and allow it to break free of the tendencies, thought patterns and habits.
This is why they’re more akin to therapy than recreational drugs
Not all depression is attributable to environmental factors. If it is, the environmental factors is what a psychologist looks at with you. If it's not, you use some sort of medication to solve it. Reducing every kind of thing that you can get medication for that isn't entirely physical to a "mental disorder" is both dismissive and kind of insulting, which really doesn't help the point you're trying to make here.
Which appears to be that some random book has all the answers that somehow nobody else has really figured out. Oh, and there's an app!
Perhaps, but it is a lot easier to take long term action on your mental tendencies if you don't feel the blackness closing in every second.
We have a long century ahead of us to pull out of the mental health slump we are seeing (similar perhaps to the physical health slumps following industrialisation). We will need many tools in the kit.
Friend was treated for "mental disorder". She was fine, except food allergy. If she followed this "bro science", she would be dependent on God knows what, with real mental problems.
https://aspsecuritykit.net/features/#mfa, ASPSecurityKit mentions it can integrate with different token providers and Saas Pass has custom integration via API as well
Glad you asked! I'd incurrage to go through this [0] guide, or watch [1] video. But briefly: ASP.NET Core policy authorization works on full trust mode when it comes to the data sent by the callers. This means unless you write code to authorize access to resources, users will have access to everything. And to authorize a single resource mentioned in an API operation, you have to write lot of code including a requirement definition, an authorization handler, and invocation of the authorizationService from the action body. Just imagine doing this for multiple resources in an operation and doing it for hundreds of API operations. All this is hard-coded which is vulnerable to omission and manual mistakes, not to mention the time you spend on writing/maintaining such code.
On the other hand, ASPSecurityKit works on zero-trust principle, which means by default users have access to nothing, and gain access to only those resources you explicitly grant. The best part is that you don't have to write any code for this protection in most cases; your code remains crisp and clean throughout.
Agreed that open by default is bad once you start building APIs, but it’s pretty easy to register a default policy to require authorization and override it with AllowAnonymous or other policies as required.
The focus here is on resource authorization, and for that there's no default in policy authorization. You've to write code in action body, capturing each id input from the request object, and authorizing it via the default authService explicitly.
You can imagine that it's easy to miss out on some property – say by a new developer down the line while adding a new property to the request model.
And if that happens, a whole for the intruder becomes available to pass any id, and leak data of your users.
Additionally, the problems of your auth code mixing with action body, and hard-coded checks of roles/privileges and extensive testing for changes are always there.
While with ASPSecurityKit's ADA, it's always unobtrusive and kinda automated authorization once you've setup the convention in the beginning of the project (which is fairly simple, one line of code usually as shown in the video).
If you forget something, the default is with ADA to deny access (zero-trust), and not pass-through.
This points to the last A in AAA of security which stands for Authentication, Authorization & Accounting, AAA moniker is commonly used in reference to either RADIUS or Diameter (network protocols), the concept is widely used for software application security as well.
So Accounting implies What resources were accessed, at what time, by whom, and what commands were issued?
