Jamison Roberts jtroberts83

@jtroberts83
jtroberts83 / SalactusUserDataForAmazonLinuxAMI.sh
Created July 12, 2018 16:48
Salactus User Data For Amazon Linux AMI
#!/bin/bash
SALACTUS_REDIS='your-redis-server-arn-redis.yfyfyfyfy.0001.use1.cache.amazonaws.com'
export AWS_DEFAULT_REGION='us-east-1'
echo "export AWS_DEFAULT_REGION='us-east-1'" >> /root/.bash_profile
echo "export SALACTUS_REDIS='$SALACTUS_REDIS'" >> /root/.bash_profile
echo "source /root/cloud-custodian/bin/activate" >> /root/.bash_profile
{
"object-reporting": {"access-denied-owner": false, "bucket": "our-salactus-s3-logs", "prefix": "objects/acl"},
"visitors": [
{
"allow-log": true,
"type": "object-acl",
"report-only": true,
"whitelist-accounts": ["*"]
}
],
import boto3
from botocore.client import Config
from datetime import datetime, timedelta
import json
bucket = 'yours3bucket'
KeyArnKey = 'MyKMSArns.csv'
KMSClient = boto3.client('kms')
@jtroberts83
jtroberts83 / BuildKMSArnCSVLambda.py
Last active August 28, 2018 02:53
Multi-Account Lambda To Build CSV of All Customer Owned KMS Key ARNs. For use with Cloud Custodian policies
import boto3
from botocore.client import Config
import json
bucket = 'your-s3-bucket'
bucketregion = 'us-east-1'
KeyArnKey = 'MyKMSArns.csv'
AccountsS3Key = 'AWSAccountNumbers.csv' # A CSV containing all the AWS Accounts you want to run this script against.
roleNameToAssume = 'Cloud_Custodian_Role'
@jtroberts83
jtroberts83 / DeleteDefaultVPCs.ps1
Created August 28, 2018 12:53
PowerShell Function to Delete the default VPCs within a region and all resources attached to the default VPC
Try
{
$VPCs = $null
$VPCs = Get-EC2Vpc -Filter @{Name="isDefault"; Values="true"} -Region $Region -AccessKey $AccessKey -SecretKey $SecretAccessKey -SessionToken $SessionToken -ErrorAction Stop
$Script:TotalAPICalls++
##Write-Host "Successfully gathered VPCs in account $Account" -ForegroundColor Green
}
Catch
{
Write-Host " ERROR gathering VPCs in account $Account - $_" -ForegroundColor Red
policies:
- name: ec2-subnet-terminate-realtime
resource: ec2
mode:
type: cloudtrail
events:
- RunInstances
description: |
Triggered on new EC2 instances that are created and if the
@jtroberts83
jtroberts83 / CreateAllBadTagPolicies.ps1
Created March 19, 2019 20:24
Generates a policies file to use with custodian that will find any resources with bad tags
$AWSServicesArray = @("account","acm-certificate","alarm","ami","app-elb","app-elb-target-group","asg","backup-plan","batch-compute","batch-definition","cache-cluster","cache-snapshot","cache-subnet-group","cfn","cloud-directory","cloudhsm-cluster","cloudsearch","cloudtrail","codebuild","codecommit","codepipeline","config-rule","customer-gateway","datapipeline","dax","directconnect","directory","distribution","dlm-policy","dms-endpoint","dms-instance","dynamodb-backup","dynamodb-stream","dynamodb-table","ebs","ebs-snapshot","ec2","ec2-reserved","ecr","ecs","ecs-container-instance","ecs-service","ecs-task","ecs-task-definition","efs","efs-mount-target","eks","elasticbeanstalk","elasticbeanstalk-environment","elasticsearch","elb","emr","eni","event-rule","event-rule-target","firehose","fsx","fsx-backup","gamelift-build","gamelift-fleet","glacier","glue-connection","glue-dev-endpoint","health-event","healthcheck","hostedzone","hsm","hsm-client","hsm-hapg","iam-certificate","iam-group","iam-policy","iam-profile",
@jtroberts83
jtroberts83 / CreateAllBadTagPolicies.py
Created March 19, 2019 21:02
Python Script to create all policies to find bad tags for cloud custodian
AWSServicesArray = ["account","acm-certificate","alarm","ami","app-elb","app-elb-target-group","asg","backup-plan","batch-compute","batch-definition","cache-cluster","cache-snapshot","cache-subnet-group","cfn","cloud-directory","cloudhsm-cluster","cloudsearch","cloudtrail","codebuild","codecommit","codepipeline","config-rule","customer-gateway","datapipeline","dax","directconnect","directory","distribution","dlm-policy","dms-endpoint","dms-instance","dynamodb-backup","dynamodb-stream","dynamodb-table","ebs","ebs-snapshot","ec2","ec2-reserved","ecr","ecs","ecs-container-instance","ecs-service","ecs-task","ecs-task-definition","efs","efs-mount-target","eks","elasticbeanstalk","elasticbeanstalk-environment","elasticsearch","elb","emr","eni","event-rule","event-rule-target","firehose","fsx","fsx-backup","gamelift-build","gamelift-fleet","glacier","glue-connection","glue-dev-endpoint","health-event","healthcheck","hostedzone","hsm","hsm-client","hsm-hapg","iam-certificate","iam-group","iam-policy","iam-profile","
policies:
- name: ec2-mark-stopped-instance-realtime
resource: ec2
mode:
type: cloudtrail
events:
- source: ec2.amazonaws.com
event: StopInstances
ids: "responseElements.instancesSet.items[].instanceId"
@jtroberts83
jtroberts83 / c7n-iam-user-tag-enforce-policies.yaml
Last active August 21, 2020 12:47
Cloud Custodian IAM User Tag Enforcement Example
policies:
###################################################
### First Tag the Creator of the IAM User #####
###################################################
- name: iam-auto-tag-user
resource: iam-user
mode:
packages: [boto3, botocore, urllib3]