Skip to content

Instantly share code, notes, and snippets.

View lawliet89's full-sized avatar
🧑‍🤝‍🧑
He/him

Yong Wen Chua lawliet89

🧑‍🤝‍🧑
He/him
  • Singapore
  • 13:40 (UTC +08:00)
View GitHub Profile
@lawliet89
lawliet89 / s3_activity_by_bucket.sql
Last active September 30, 2024 06:17
Security Lake Athena Queries
-- Number of entries per bucket for the past 7 days
with dataset as (
SELECT json_extract_scalar(api.request.data, '$.bucketName') as bucketName, * FROM amazon_security_lake_table_ap_southeast_1_s3_data_2_0
WHERE accountid = '123459012'
)
SELECT bucketName, count(bucketName) as numberOfRecords FROM dataset
WHERE time_dt BETWEEN CURRENT_TIMESTAMP - INTERVAL '7' DAY AND CURRENT_TIMESTAMP
group by bucketName
ORDER BY numberOfRecords desc
@lawliet89
lawliet89 / terraform-pre-apply
Created September 11, 2022 00:50
TFC Workload Identity for AWS Hooks
#!/bin/bash
set -euo pipefail
if [ -z ${TFC_AWS_APPLY_ROLE_ARN+x} ] && [ -z ${TFC_AWS_RUN_ROLE_ARN+x} ]; then
echo "Skipping this script because both env vars are missing and unset";
else
set +u
ROLE_ARN="${TFC_AWS_APPLY_ROLE_ARN:-$TFC_AWS_RUN_ROLE_ARN}"
set -u
echo "Preparing AWS provider auth..."
@lawliet89
lawliet89 / vault-token-helper.rb
Created May 28, 2021 08:05
Vault Token Helper
#!/usr/bin/env ruby
require 'json'
require 'date'
unless ENV['VAULT_ADDR']
STDERR.puts "No VAULT_ADDR environment variable set. Set it and run me again!"
exit 100
end
@lawliet89
lawliet89 / gcrgc.sh
Last active November 23, 2020 08:57 — forked from ahmetb/gcrgc.sh
Script to clean up Google Container Registry images pushed before a particular date
#!/bin/bash
# Copyright © 2017 Google Inc.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
@lawliet89
lawliet89 / gist:a376473c24bbc7c9f27695c9bc66a289
Last active September 15, 2019 13:08
Indonesia Reddit Banning via DNS
$ dig @8.8.8.8 reddit.com
; <<>> DiG 9.11.5-P1-1ubuntu2.5-Ubuntu <<>> @8.8.8.8 reddit.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25135
;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available
@lawliet89
lawliet89 / spec.yaml
Created September 6, 2019 06:41
Update kube-config affinity
spec:
template:
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
@lawliet89
lawliet89 / test.sh
Created July 16, 2019 01:25
Terraform Provider Tests
make testacc TESTARGS='-run=TestAccAWSCloudWatchDashboard_update'
#![feature(prelude_import)]
#![no_std]
#[prelude_import]
use std::prelude::v1::*;
#[macro_use]
extern crate std as std;
use serde::{Deserialize, Serialize};
pub struct Test {
pub foo: String,
pub bar: bool,
2019/01/18 15:24:07 [INFO] Terraform version: 0.11.11 ac4fff416318bf0915a0ab80e062a99ef3724334
2019/01/18 15:24:07 [INFO] Go runtime version: go1.11.1
2019/01/18 15:24:07 [INFO] CLI args: []string{"/home/xxx/apps/terraform", "apply", "-var-file=/home/xxx/work/infrastructure/environments/admin/test/../common.tfvars", "-var-file=/home/xxx/work/infrastructure/environments/admin/test/../../organization.tfvars"}
2019/01/18 15:24:07 [DEBUG] Attempting to open CLI config file: /home/xxx/.terraformrc
2019/01/18 15:24:07 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2019/01/18 15:24:07 [INFO] CLI command args: []string{"apply", "-var-file=/home/xxx/work/infrastructure/environments/admin/test/../common.tfvars", "-var-file=/home/xxx/work/infrastructure/environments/admin/test/../../organization.tfvars"}
2019/01/18 15:24:07 [INFO] command: backend initialized: *gcs.Backend
2019/01/18 15:24:07 [DEBUG] checking for provider in "."
2019/01/18 15:24:07 [DEBUG] checking for provider in "/home/xxx/apps"
2019/01/1
@lawliet89
lawliet89 / consul.json
Last active January 2, 2019 01:57
Prometheus Dashboards
{
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": "-- Grafana --",
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",