@MatthewJDavis
MatthewJDavis / awsSubnet.ps1
Last active April 6, 2019 01:03
output an AWS subnet(s) with name tag
# Very basic, works if only name tag is set
Get-EC2Subnet | ForEach-Object {
    # Build one ordered object per subnet; Name assumes the Name tag is the only tag set
    $properties = [ordered]@{
        AZ = $_.availabilityzone
        SubnetID = $_.subnetid
        Name = ($_ | Select-Object -ExpandProperty Tags).value
        CidrBlock = $_.cidrblock
    }
    New-Object -TypeName PSObject -Property $properties
}
function Start-DailyOnEC2 {
[CmdletBinding()]
<#
.SYNOPSIS
Turn on EC2 instances with a 'DailyOn' tag value of 'True'
.DESCRIPTION
Turn on EC2 instances that are not in a running state and have the tag DailyOn with the value True. Script can be run on a schedule to power on test instances.
Permissions needed to start EC2 instances for running this script
#Requires -Module AWSPowerShell.NetCore
#Requires -PSEdition Core
@MatthewJDavis
MatthewJDavis / Get-ProxyEventLog.ps1
Created April 22, 2019 21:38
How to get web application proxy logs in a specific timeframe
$LogName = 'Microsoft-Windows-WebApplicationProxy/Admin'
[datetime]$StartTime = 'Monday, April 22, 2019 10:00:24 AM'
[datetime]$FinishTime = 'Monday, April 22, 2019 11:00:00 AM'
Get-WinEvent -LogName $LogName | Where-Object { $_.TimeCreated -gt $StartTime -AND $_.TimeCreated -lt $FinishTime }
@MatthewJDavis
MatthewJDavis / NoNameVolumeTaggingProto.ps1
Last active April 24, 2019 00:00
Prototype of tagging AWS EC2 volumes that have no name tag.
<#
.SYNOPSIS
The purpose of this script is to tag any EC2 Volumes without a Name tag in AWS
.DESCRIPTION
The script is run via a lambda in AWS and checks for all volumes that do not have a name tag.
If a volume is found not to have a name tag, the name of the EC2 instance is used to create the volume tag.
If the EC2 instance does not have a name tag, then use the instance id value as the name.
The new tag is applied to the volume
.EXAMPLE
Runs as an AWS Lambda
@MatthewJDavis
MatthewJDavis / New-VolumeTagLambdaRole.ps1
Created April 23, 2019 23:29
Create the policy and roles for the lambda tagging
$RoleName = 'lambda_volume_tagging'
$RoleDescription = 'Allow lambda to apply tags to volumes'
$PolicyName = 'lambda-volume-tagging'
$PolicyDescription = 'Allow lambdas to log and also tag volumes'
$policy = New-IamPolicy -PolicyName $policyName -Description $PolicyDescription -PolicyDocument (Get-Content -Path lambda-tagging-policy.json -Raw )
New-IamRole -RoleName $RoleName -Description $RoleDescription -AssumeRolePolicyDocument (Get-Content -Path lambda-trust-policy.json -Raw)
Register-IAMRolePolicy -PolicyArn $policy.Arn -RoleName $RoleName
@MatthewJDavis
MatthewJDavis / lambda-tagging-policy.json
Created April 23, 2019 23:30
Policy to allow lambda to tag EC2 objects
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:*"
],
"Resource": "arn:aws:logs:*:*:*"
},
@MatthewJDavis
MatthewJDavis / lambda-trust-policy.json
Created April 23, 2019 23:31
AWS Lambda trust policy
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"lambda.amazonaws.com"
]
},
@MatthewJDavis
MatthewJDavis / TagVolumesWithNoName.ps1
Last active May 2, 2019 17:27
AWS Lambda that will tag volumes that do not have a name tag with the name or instance id of the EC2 instance they are attached to.
<#
.SYNOPSIS
The purpose of this script is to tag any EC2 Volumes without a Name tag in AWS
.DESCRIPTION
The script is run via a lambda in AWS and checks for all volumes that do not have a name tag.
If a volume is found not to have a name tag, the name of the EC2 instance is used to create the volume tag.
If the EC2 instance does not have a name tag, then use the instance id value as the name.
The new tag is applied to the volume
.EXAMPLE
Runs as an AWS Lambda
$GroupList = 'read', 'write', 'deploy'
Get-UDDashboard | Stop-UDDashboard
$ud1 = New-UDLayout -Columns 3 -Content {
New-UDCard -Title "Check it out" -Content {
$GroupList | ForEach-Object {
New-UDElement -Id "CheckboxState" -Tag "span"
New-UDCheckbox -Id "$_" -Label $_ -OnChange (New-UDEndpoint -Endpoint {
@MatthewJDavis
MatthewJDavis / Test-LastAzureADSyncTime.ps1
Last active May 20, 2019 02:35
Check AD has synced to Azure AD within the last two hours, if not, send a slack message. Azure Automation runbook.
# Azure runbook running under an automation account.
#Requires -Modules MSOnline
Import-Module -name MSOnline
$creds = Get-AutomationPSCredential -Name 'AzureADConnectSyncAccount'
Connect-MsolService -Credential $creds
$SlackHook = Get-AutomationVariable -Name 'AlertsSlackWebHookUri'
# Slack helper function
function New-MDSlackMessage {