The design and endpoint concepts are inspired by AWS’s documentation for creating an external key store. AWS XKS Documentation
Details about managing keys and using cryptographic operations with Azure Key Vault Azure Key Vault Keys Overview.
Filipe Ferreira filipeandre
filipeandre
/ verify_latency.sh
Created
March 26, 2025 16:20
Inside ECS, this allow to verify the latency to the AIM endpoint
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| while true; do | |
| curl -o /dev/null -s -w "%{http_code}, %{time_total}s\n" \ | |
| http://169.254.170.2$AWS_CONTAINER_CREDENTIALS_RELATIVE_URI | |
| sleep 5 | |
| done |
filipeandre
/ install_pgbadger.sh
Created
March 17, 2025 17:19
Install pgbadger on Amazon Linux 2023
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo "Updating package lists..." | |
| dnf update -y | |
| echo "Installing required dependencies..." | |
| dnf install -y perl perl-core perl-FindBin perl-Time-HiRes perl-JSON \ | |
| perl-Digest-MD5 perl-Text-CSV perl-LWP-Protocol-https \ | |
| perl-DBI perl-DBD-Pg tar gzip make |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -euo pipefail | |
| # Check for required commands: aws and jq. | |
| command -v aws >/dev/null 2>&1 || { echo "aws CLI is required but not installed. Exiting." >&2; exit 1; } | |
| command -v jq >/dev/null 2>&1 || { echo "jq is required but not installed. Exiting." >&2; exit 1; } | |
| usage() { | |
| cat <<EOF | |
| Usage: $0 [secret_name] |
filipeandre
/ install_jupiter_lab.sh
Last active
March 10, 2025 20:31
Install Jupiter lab using PIPx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # install pipx | |
| python -m pip install --user pipx | |
| python -m pipx ensurepath | |
| sudo pipx ensurepath --global | |
| # install jupyterlab | |
| pipx install jupyterlab --include-deps | |
| pipx ensurepath | |
| # add common dependencies |
filipeandre
/ cloudformation-language-extensions-fn-foreach.yaml
Last active
March 7, 2025 15:41
Working Alarm template with cloudformation Fn::ForEach
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: 2010-09-09 | |
| Transform: AWS::LanguageExtensions | |
| Parameters: | |
| AlarmLambdaPairs: | |
| Type: CommaDelimitedList | |
| Description: | | |
| Comma-separated "prefix:lambdaName" pairs. Example: "PrefixA:MyLambdaA,PrefixB:MyLambdaB" | |
| Default: PrefixA:MyLambdaA,PrefixB:MyLambdaB |
filipeandre
/ sources.md
Last active
February 27, 2025 12:13
Prototype of XKS proxy in Node.js that leverages the official Azure SDKs to interact with Azure Key Vault
filipeandre
/ delete_deprecated_lambdas.py
Last active
February 19, 2025 11:32
Delete all deprecated lambdas
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| def delete_old_nodejs_lambdas(): | |
| client = boto3.client("lambda") | |
| deprecated_runtimes = {"nodejs12.x", "nodejs14.x", "nodejs16.x"} | |
| # Paginate through all Lambda functions | |
| paginator = client.get_paginator("list_functions") | |
| page_iterator = paginator.paginate() | |
filipeandre
/ devops-vpn-tunnel-monitor.yaml
Created
February 6, 2025 17:14
Simple cloudformation template no monitor site to site vpn tunnels
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: 2010-09-09 | |
| Description: Setup-Monitoring-On-AWS-Site-to-Site-VPN | |
| Parameters: | |
| UniqueName: | |
| Type: String | |
| Description: An unique qualifier | |
| AllowedPattern: ^[\\.\\-_/#A-Za-z0-9]{1,512} | |
| SnsTopicARN: | |
| Type: String | |
| Description: (Required) ARN of your SNS topic |
filipeandre
/ test_assume_role_tag_session.py
Created
January 21, 2025 16:08
Script used to validate tag session permission
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| from botocore.exceptions import BotoCoreError, ClientError | |
| def assume_role_with_tags(aws_access_key, aws_secret_key, role_arn, session_name, tags): | |
| """ | |
| Assumes an AWS IAM Role with the specified tags. | |
| :param aws_access_key: AWS access key ID | |
| :param aws_secret_key: AWS secret access key | |
| :param role_arn: ARN of the role to assume |
filipeandre
/ whitelist-role.yaml
Last active
January 20, 2025 16:06
Create a role that allows to whitelist an ipset
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: '2010-09-09' | |
| Parameters: | |
| AccountId: | |
| Type: String | |
| Description: The AWS Account ID that can assume this role. | |
| RoleName: | |
| Type: String | |
| Description: The policy name that allows add or remove ips from ipsets | |
| Resources: |