Ashish R Bhandari aashishrbhandari

🎯

Focusing

A Learner and Explorer who wants to understand how things work.

aashishrbhandari / bedrock_prompt_api_call.py

Last active January 5, 2024 07:53

	"""
	Overview:

	Make an API call to bedrock to get Prompt Results

	Note: It uses IAM Role for making API call to AWS.

	"""

	import boto3

aashishrbhandari / terraform_enable_cloudtrail_s3log.tf

Created September 10, 2023 07:34

	/ Enable CloudTrail and Logging to S3 /

	# Create S3 Bucket for CloudTrail Events
	resource "aws_s3_bucket" "cloudtrail_s3_bucket" {
	bucket_prefix = "aws-cloudtrail-logallapi"
	}

	# Enable CloudTrail Log to S3
	resource "aws_cloudtrail" "cloudtrail_event_api" {
	name = "LogAllAPI"

aashishrbhandari / set_proxy_for_npm.sh

Created June 19, 2023 07:02

	## Change the Variable IP and Port with the respective Proxy IP and Port.

	IP="1.1.1.1"
	PORT=3456


	## Tells the NPM to use proxy when downloading packages

	npm config set proxy http://$IP:$PORT
	npm config set https-proxy http://$IP:$PORT

aashishrbhandari / aws_iam_role_creds_extraction.sh

Created June 19, 2023 06:58

	## Single Liner command to get the Role Temporary Security Credentials
	TOKEN=`curl -s -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"` && ROLE_NAME=`curl -s -H "X-aws-ec2-metadata-token: $TOKEN" "http://169.254.169.254/latest/meta-data/iam/security-credentials/"` && curl -s -H "X-aws-ec2-metadata-token: $TOKEN" "http://169.254.169.254/latest/meta-data/iam/security-credentials/$ROLE_NAME"

	## Breakdown

	# Get the Token to access the AWS EC2 Metadata, with the IMDSv2 we need to have a TOKEN to access EC2 metadata
	TOKEN=`curl -s -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"`

	# The Below curl will use the Above Token and get the Rolename assigned to the EC2
	ROLE_NAME=`curl -s -H "X-aws-ec2-metadata-token: $TOKEN" "http://169.254.169.254/latest/meta-data/iam/security-credentials/"`

aashishrbhandari / sudo_command_based_access_basic.conf

Created June 19, 2023 06:45

	# Linux RBAC
	# Providing User `user01` to run few commands as root user
	user01 ALL = (root) NOPASSWD: /usr/bin/systemctl restart nginx
	user01 ALL = (root) NOPASSWD: /usr/bin/ls /var/log/*
	user01 ALL = (root) NOPASSWD: /usr/bin/tail /var/log/*
	user01 ALL = (root) NOPASSWD: /usr/bin/tail * /var/log/*

aashishrbhandari / teleport.sh

Created June 19, 2023 06:43

	# A Basic Script to create a initd file to start teleport on backgroud
	#!/bin/sh

	nohup /usr/local/bin/teleport start -c /etc/teleport.yaml 2>&1 >> /var/log/teleport.log &

aashishrbhandari / aws_cli.sh

Created April 22, 2023 09:50

	## Get all Instance inside a VPC, part of VPC

	aws ec2 describe-instances \
	--filters "Name=vpc-id,Values=vpc-9999999999999" "Name=instance-state-name,Values=running" \
	--query \
	'Reservations[].Instances[].{
	Name: Tags[?Key==`Name`].Value \| [0],InstanceId:InstanceId,
	Id: InstanceId,
	SubnetId: SubnetId,
	AZ: Placement.AvailabilityZone,

aashishrbhandari / slack_webhook_message.py

Last active October 25, 2022 15:24

	import requests, json

	# Slack WebHook Required
	slack_webhook_url = "https://hooks.slack.com/services/XXXXXXXXXX/XXXXXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx"

	# Use the blocks from slack_webhook_blocks.txt
	message = {
	"blocks": [
	{
	"type": "divider"

aashishrbhandari / slack_webhook_blocks.txt

Created October 25, 2022 15:19

	# How to Use the Below Blocks

	# Refer Python code: Github Gist: slack_webhook_message.py

	## Not Very Effective
	## To Create a `Section` in a Table Format
	{
	"blocks": [
	{
	"type": "divider"

aashishrbhandari / OpenLDAP with SSL

Created February 23, 2022 08:59

	# Go to ldap Folder and create a SSL Folder
	cd /etc/ldap/

	mkdir ssl

	cd ssl/

	# Create CA
	openssl req \
	-subj "/C=IN/ST=Maharashtra/L=Mumbai City/O=Information Security Systems/OU=IT Services/CN=OpenLDAP Test Server" \