Skip to content

Instantly share code, notes, and snippets.

# Windows AMIs don't have WinRM enabled by default -- this script will enable WinRM
# AND install 7-zip, curl and .NET 4 if its missing.
# Then use the EC2 tools to create a new AMI from the result, and you have a system
# that will execute user-data as a PowerShell script after the instance fires up!
# This has been tested on Windows 2008 SP2 64bits AMIs provided by Amazon
#
# Inject this as user-data of a Windows 2008 AMI, like this (edit the adminPassword to your needs):
#
# <powershell>
# Set-ExecutionPolicy Unrestricted
@razorsedge
razorsedge / encrypt-centos.org-6-ami.json
Created November 29, 2016 01:11
Packer templates to copy and encrypt a Marketplace AMI.
{
"description": "Copy the centos.org CentOS 6 AMI into our account so that we can add boot volume encryption.",
"min_packer_version": "0.11.0",
"variables": {
"aws_region": "us-east-1",
"aws_vpc": null,
"aws_subnet": null,
"ssh_username": "centos"
},
"builders": [
@williamtsoi1
williamtsoi1 / lake-s3-object-take-ownership.js
Last active September 1, 2020 07:48
a lambda function to automatically take ownership of any objects written into an s3 bucket. Inspired by https://gist.github.com/joech4n/953c1cd6a36698c5d120
console.log('Loading event');
var aws = require('aws-sdk');
var s3 = new aws.S3({apiVersion: '2006-03-01'});
var sqs = new aws.SQS({apiVersion: '2012-11-05'});
exports.handler = function(event, context, callback) {
s3.listBuckets(function(err,data) {
if (err) {
console.log('ERROR: Problem getting list of buckets. This should have something to do with incorrect IAM permissions for the lambda.');
errorMessage = 'ERROR: Error from S3: '+err;
@maravedi
maravedi / Get-WinEventTail.ps1
Last active September 19, 2023 15:19 — forked from jeffpatton1971/Get-WinEventTail.ps1
This function will allow you to tail Windows Event Logs. You specify a Logname for either the original logs, Application, System and Security or the new format for the newer logs Microsoft-Windows-PowerShell/Operational
Function Get-WinEventTail
{
<#
.SYNOPSIS
A tail cmdlet for Eventlogs
.DESCRIPTION
This function will allow you to tail Windows Event Logs. You specify
a Logname for either the original logs, Application, System and Security or
the new format for the newer logs Microsoft-Windows-PowerShell/Operational
.PARAMETER LogName
@jtroberts83
jtroberts83 / DeleteDefaultVPCs.ps1
Created August 28, 2018 12:53
Powershell Function to Delete the default VPCs within a region and all resources attached to the default VPC
Try
{
$VPCs = $null
$VPCs = Get-EC2Vpc -Filter @{Name="isDefault"; Values="true"} -Region $Region -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop
$Script:TotalAPICalls ++
##Write-Host "Successfully gathered VPCs in account $Account" -ForegroundColor Green
}
Catch
{
Write-Host " ERROR gathered VPCs in account $Account - $_" -ForegroundColor Red
@skout23
skout23 / logs_insights_queries.txt
Created February 11, 2019 19:48
Scratch Pad ideas for Cloudtrail queries using AWS Cloudwatch Logs Insights
```
filter eventName="ConsoleLogin"
| stats count(*) as eventCount by userIdentity.userName, sourceIPAddress
| sort eventCount desc
filter not sourceIPAddress =~ /^(?i)123.123.123.123/ and userIdentity.userName =~/^(?i)\w/
| stats count(*) as eventCount by eventName, userIdentity.userName, sourceIPAddress
| sort eventCount desc
filter eventName="ConsoleLogin"
@dezren39
dezren39 / update-ebs-tags.ps1
Last active April 4, 2020 02:55
Sync EC2 EBS Tags with their EC2 Instances.
# Sync EBS tags with their instances.
# Script for non-CloudFormation managed tag cleanup.
# Credit: https://www.yobyot.com/aws/tag-aws-ec2-ebs-volumes-with-the-instance-name-tag/2017/02/05/
# Uses legacy AWSPowerShell monolith module.
# Assumes appropriate Exec Policy, Allow Gallery, etc...
# Install-Module AWSPowershell
Import-Module AWSPowerShell # Must import the module if you haven't already.