Jamison Roberts jtroberts83
jtroberts83
/ non-standard-region-resource-delete.yaml
Created
March 27, 2018 17:55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| policies: | |
| - name: ec2-terminate-non-standard-region | |
| resource: ec2 | |
| description: | | |
| Any EC2 instance launched in a non standard region outside | |
| of us-east-1 and eu-west-1 will be terminated | |
| mode: | |
| type: cloudtrail | |
| events: |
jtroberts83
/ terminate-ec2-stopped-over-x-days.yaml
Last active
March 27, 2018 21:12
Terminate EC2 Instances Stopped For 60 Days or More
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| policies: | |
| - name: ec2-mark-stopped-instance-realtime | |
| tags: [Realtime,Tag] | |
| resource: ec2 | |
| mode: | |
| type: cloudtrail | |
| events: | |
| - source: ec2.amazonaws.com | |
| event: StopInstances |
jtroberts83
/ c7n-org-userdata.sh
Created
March 28, 2018 15:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ASGName='YOUR_CUSTODIAN_AUTOSCALING_GROUP_NAME' | |
| RESOURCE_BUCKET='S3_BUCKET_CONTAINING_YOUR_POLICIES_AND_CONFIG' | |
| ## Sets up proxy for instance run | |
| export no_proxy="169.254.169.254" | |
| export http_proxy='http://PROXYADDRESSHERE.com:9090' | |
| export https_proxy="$http_proxy" |
jtroberts83
/ s3-public-object-acl-deny.yaml
Last active
December 4, 2018 18:06
AWS S3 Bucket Policy To Block All Public Object ACLs From Being Set
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| policies: | |
| - name: s3-deny-public-object-acl-poll | |
| resource: s3 | |
| description: | | |
| Appends a bucket policy statement to all existing buckets to deny anyone from setting s3 objects | |
| in the bucket to public-read, public-read-write, or any authenticated AWS user. | |
| actions: | |
| - type: set-statements | |
| statements: |
jtroberts83
/ autotagsgs.yaml
Created
April 5, 2018 18:35
jtroberts83
/ mailerexample.json
Created
April 6, 2018 15:17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "account":"accountaliashere", | |
| "account_id":"1234567890", | |
| "region":"us-west-1", | |
| "action":{ | |
| "violation_desc":"Public IP Address:", | |
| "to":[ | |
| "[email protected]", | |
| "event-owner" | |
| ], |
jtroberts83
/ Customdefault.html.j2
Created
April 10, 2018 15:08
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html lang="en"> | |
| {# | |
| Template customizations: | |
| - additional parameters for slack channel and email for questions | |
| - link to our internal docs | |
| - case-insensitive tag lookups in the getTag macro | |
| - formatting that renders correctly in Office365 and acceptably in GMail |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| policies: | |
| - name: high-risk-security-groups-remediate3 | |
| resource: security-group | |
| description: | | |
| Remove any rule from a security group that allows test ingress | |
| and notify the user who added the violating rule. | |
| mode: | |
| type: cloudtrail | |
| events: | |
| - source: ec2.amazonaws.com |
jtroberts83
/ examples
Created
April 26, 2018 15:40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - name: delete-old-snapshots-under-20-gb | |
| resource: ebs-snapshot | |
| description: | | |
| Deletes a snapshot if its older than 7 days and it was created by cloud custodian | |
| filters: | |
| - type: value | |
| key: VolumeSize | |
| op: lt | |
| value: 20 |
jtroberts83
/ SageMakerNotebookEnforce.yaml
Created
April 27, 2018 22:13
Cloud Custodian policy chain to enforce encryption and vpc mode for new SageMaker Notebooks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| policies: | |
| - name: sagemaker-notebook-auto-tag-user | |
| resource: sagemaker-notebook | |
| description: | | |
| When a new Sagemaker notebook is created tag the creators ID to CreatorName tag | |
| mode: | |
| type: cloudtrail | |
| events: |
OlderNewer