There are two parts to this:
- Managing access to non-public S3 resources.
- Building RPM repositories in an automated, deterministic way that Yum can use.
In general, a CentOS 7 x86_64 box in AWS EC2; in specific, this Packer profile.
```python
import requests
import time
import os
import json
import boto3
import ipaddress
import socket
import base64
import zlib
import datetime
```
```bash
# first we download the list of IP ranges from CloudFlare
wget https://www.cloudflare.com/ips-v4
# iterate over the lines in the downloaded file, allowing each CIDR range into the security group
# make sure to set `--group-id` and `--port`; more details at http://docs.aws.amazon.com/cli/latest/reference/ec2/authorize-security-group-ingress.html
while read -r p; do aws ec2 authorize-security-group-ingress --group-id sg-e0000000 --protocol tcp --port 80 --cidr "$p"; done < ips-v4
```
```json
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "This Template creates an Amazon Cloudwatch Alert for Trusted Advisor open ports, protocols, IAM credentials not rotated in 90 days and must be created in us-east-1.",
  "Parameters": {
    "EmailAddress": {
      "Description": "Email Address for sending SNS notifications for TrustedAdvisor",
      "Type": "String"
    }
  },
  "Resources": {
```
```
$ ansible --version
ansible 1.9.4
  configured module search path = None
$ cat requirements.yml
- src: [email protected]:roles/haproxy.git
  version: master
  name: haproxy-basic
```
e.g. scenario: an EC2 instance in the AWS DEV account (111111111111) needs to access the S3 service in the PROD account (222222222222).

This is the account that has the EC2 instance: DEV

IAM User: test

Inline policy:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
```