Skip to content

Instantly share code, notes, and snippets.

View ismailyenigul's full-sized avatar

ismail yenigul ismailyenigul

21 followers · 2 following
View GitHub Profile
@ismailyenigul
ismailyenigul / aws-vpc-flow-s3-bucket-poilcy.json
Last active August 17, 2023 12:11
AWS S3 bucket policy for writing from AWS VPC Flows on multiple AWS accounts
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AWSLogDeliveryWrite",
"Effect": "Allow",
"Principal": {
"Service": "delivery.logs.amazonaws.com"
},
"Action": [
@ismailyenigul
ismailyenigul / linux-vmware-new-disk-detect.sh
Created April 28, 2021 20:59
Detect Linux new disk on vmware
#if you added new disk
for host in $(ls -1d /sys/class/scsi_host/*); do echo "- - -" > ${host}/scan ; done
#if you resized the existing disk
for device in $(ls -1d /sys/class/scsi_disk/*); do echo "1" > ${device}/device/rescan ; done
@ismailyenigul
ismailyenigul / aws-cli-assume-role-sts.md
Last active April 8, 2021 12:35 
export ROLEARN="arn:aws:iam::<aws_account_number>:role/<role_name>"
export SESSION_NAME=mysession

ASSUME_ROLE=$(aws sts assume-role \
                    --role-arn "$ROLEARN" \
                    --role-session-name "$SESSION_NAME")

export AWS_ACCESS_KEY_ID=$(echo $ASSUME_ROLE | jq -r .Credentials.AccessKeyId)
@ismailyenigul
ismailyenigul / argocd-user-and-role.md
Created March 11, 2021 13:14

Sample values.yml for argocd-helm chart to create users and grant permissions.

config:
  # Argo CD's externally facing base URL (optional). Required when configuring SSO
  accounts.qauser: apiKey, login
  accounts.devuser: apiKey, login
  accounts.adminuser: apiKey, login
    .....
 rbacConfig:
@ismailyenigul
ismailyenigul / Lens-aws-vault-Kubernetes.md
Created March 9, 2021 15:23

I use aws-vault with Yubikey to access AWS resources.

Lens is great Desktop tool to see/manage all k8s resources.

The following commands help me to open Lens The Kubernetes IDE the right EKS cluster on MacOS

# aws-vault  exec -d 12h --prompt ykman my-profile -- 
# aws eks update-kubeconfig --name my-eks-cluster  #switch to the right cluster
# /Applications/Lens.app/Contents/MacOS/Lens
@ismailyenigul
ismailyenigul / sample-aws-multi-account-policies.md
Last active February 28, 2021 19:29
sample policies for aws multi-acount-with-assume-roles
@ismailyenigul
ismailyenigul / ekscloudwatch-aws-eks.md
Last active August 31, 2022 15:28
ekscloudwatch deployment and role for AWS EKS and Falco 
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "",
            "Effect": "Allow",
            "Action": [
                "logs:List*",
@ismailyenigul
ismailyenigul / jenkins-ecr-push-with-ec2-iam-role-permission.md
Last active February 24, 2022 10:10 
pipeline {
  agent any
     environment {
        AWS_REGION  = 'eu-west-1'
        GITCOMMIT="${env.GIT_COMMIT}"


    }
 //  options {
@ismailyenigul
ismailyenigul / terraform-templatefile-tag-cloudformation.md
Created December 17, 2020 18:15
terraform templatefile and handling tags for cloudformation yaml

I used the following code block to add Tags into Cloudformation yaml file.

 %{~ if length(mytags) >0 ~}
      Tags:
     %{~ endif ~}
    %{~ for tag_key, tag_value in mytags ~}
        - Key: "${tag_key}"
          Value: "${tag_value}"
    %{~ endfor ~}
@ismailyenigul
ismailyenigul / jenkins-groovy-script-aws-ecr-list-images-by-date.md
Created September 25, 2020 17:16
Sorting AWS ECR images by date with Jenkins groovy script