Skip to content

Instantly share code, notes, and snippets.

View giuliocalzolari's full-sized avatar

Giulio Calzolari giuliocalzolari

19 followers · 3 following
View GitHub Profile
@giuliocalzolari
giuliocalzolari / nginx.conf
Created February 7, 2018 15:05
Using nginx to proxy to an AWS internal ELB
daemon off;
worker_processes auto;
events { worker_connections 1024; }
http {
sendfile on;
@giuliocalzolari
giuliocalzolari / .bash_profile
Created March 15, 2018 09:29
aws cli helper
# auto mfa
complete -W "$(ls -1 ~/.aws/*.mfa | awk -F "/" '{print $5}' | sed -e 's/\.mfa$//')" mfa
function mfa () {
oathtool --base32 --totp "$(cat ~/.aws/$1.mfa)" | pbcopy ;
}
# manual mfa
function mmfa () {
oathtool --base32 --totp "$1" ;
@giuliocalzolari
giuliocalzolari / seelog.xml
Created March 27, 2018 12:14
SSM Log to Cloudwatch
<seelog type="adaptive" mininterval="2000000" maxinterval="100000000" critmsgcount="500" minlevel="info">
<exceptions>
<exception filepattern="test*" minlevel="error"/>
</exceptions>
<outputs formatid="fmtinfo">
<console formatid="fmtinfo"/>
<rollingfile type="size" filename="/var/log/message" maxsize="30000000" maxrolls="5"/>
<custom name="cloudwatch_receiver" formatid="fmtjs" data-log-group="/aws/ssm/demolog"/>
</outputs>
<formats>
@giuliocalzolari
giuliocalzolari / gist:c78ca1a8b154502c4009cb3a7d5f871e
Created May 8, 2018 20:31
backup.sh
#!/bin/bash
export AWS_DEFAULT_PROFILE=zzzzzz
BUCKET=xxxxx
# DIRS="$HOME/.bash_profile $HOME/.gitconfig $HOME/.aws $HOME/.ssh $HOME/.bashrc $HOME/.gnupg $HOME/.bash_history"
DIRS="$HOME/.bash_profile $HOME/.gitconfig $HOME/.aws $HOME/.ssh $HOME/.bashrc $HOME/.gnupg $HOME/.bash_history $HOME/git"
echo "Backup $DIRS.."
@giuliocalzolari
giuliocalzolari / buildspec.yml
Last active February 7, 2019 11:08
rclone example
version: 0.2
env:
variables:
RCLONE_CONFIG_PUBLIC_TYPE: "http"
RCLONE_CONFIG_S3_TYPE: "s3"
RCLONE_CONFIG_S3_PROVIDER: "AWS"
RCLONE_CONFIG_S3_ENV_AUTH: "true"
RCLONE_CONFIG_S3_REGION: "eu-central-1"
@giuliocalzolari
giuliocalzolari / C:\Program Files\Amazon\EC2config\Settings\AWS.EC2.Windows.CloudWatch.json
Last active July 23, 2019 07:56
AWS CloudWatch with Custom metrics(Memory,FreeDisk) with EC2config
{
"EngineConfiguration":{
"PollInterval":"00:00:15",
"Components":[
{
"Id":"ApplicationEventLog",
"FullName":"AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters":{
"LogName":"Application",
"Levels":"1"
@giuliocalzolari
giuliocalzolari / insecure-sg-scanner.py
Last active September 14, 2018 09:02
AWS insecure Security Group Scanner
#!/usr/bin/env python
import boto3
import json
import sys
def find_public_addresses(ec2):
public_instances = {}
instance_public_ips = {}
instance_private_ips = {}
instance_ident = {}
@giuliocalzolari
giuliocalzolari / lambda-acm-validate.cfn.yaml
Created February 1, 2019 09:01
Lambda ACM CFM
AWSTemplateFormatVersion: '2010-09-09'
Description: Automatically validate ACM requests from this account
ACMApproverRole:
Type: "AWS::IAM::Role"
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
@giuliocalzolari
giuliocalzolari / UserData.ps1
Last active February 8, 2019 10:47
EC2 UserData - AD autojoin
<powershell>
$password = (Get-SSMParameter -Name /ds/svc_password -WithDecryption $true).Value | ConvertTo-SecureString -asPlainText -Force
$username = (Get-SSMParameter -Name /ds/svc_user -WithDecryption $true).Value
$credential = New-Object System.Management.Automation.PSCredential($username,$password)
$instanceID = invoke-restmethod -uri http://169.254.169.254/latest/meta-data/instance-id
Add-Computer -domainname example.com -ComputerName $instanceID -Credential $credential -Passthru -Verbose -Force -Restart
</powershell>
@giuliocalzolari
giuliocalzolari / .gitlab-ci.yml
Created April 10, 2019 13:19
terraform .gitlab-ci.yml
# source https://github.com/radekg/terraform-provisioner-ansible
image:
name: rflume/terraform-aws-ansible:latest
stages:
# 'global' stages
- validate global
- plan global
- apply global
# Dev env stages