Mark Bainter mbainter
@incyclum
incyclum / AWS IAM Policy - ForceMFA.json
Last active April 2, 2020 20:02
AWS IAM Policy - Force MFA - This policy allows users to manage their own passwords and MFA devices but nothing else unless they authenticate with MFA -- *EDIT*: I forgot where I found it in the 1st place. In fact this policy is explained statement by statement in AWS docs: https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_users-self-man…
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowAllUsersToListAccounts",
"Effect": "Allow",
"Action": [
"iam:ListAccountAliases",
"iam:ListUsers",
"iam:GetAccountPasswordPolicy",
@mconnell
mconnell / audio_switch.applescript
Last active August 24, 2018 09:22
AppleScript for quickly flipping between 2 audio sources
-- Open automator
-- * New Service
-- * Service Receives: no input
-- * Paste the following
-- * Alter audio sources to match your machine
-- * Save
-- Open Keyboard
-- * Shortcuts
-- * Services
-- * Bind to shortcut
@maurorappa
maurorappa / 05_logging.cfg
Last active February 14, 2018 17:24
Devuan AMI creation
## This yaml formatted config file handles setting
## logger information. The values that are necessary to be set
## are seen at the bottom. The top '_log' are only used to remove
## redundancy in a syslog and fallback-to-file case.
##
## The 'log_cfgs' entry defines a list of logger configs
## Each entry in the list is tried, and the first one that
## works is used. If a log_cfg list entry is an array, it will
## be joined with '\n'.
_log:
@arsdehnel
arsdehnel / iam-terraform-create-policy.tf
Last active September 21, 2023 18:12
AWS IAM policies for running Terraform from an EC2 instance.
resource "aws_iam_policy" "terraform_create_policy" {
name = "terraform_create_policy"
path = "/"
policy = "${data.aws_iam_policy_document.terraform_create_policy.json}"
}
data "aws_iam_policy_document" "terraform_create_policy" {
statement {
sid = "1"
actions = [
@yossorion
yossorion / what-i-wish-id-known-about-equity-before-joining-a-unicorn.md
Last active November 3, 2024 17:14
What I Wish I'd Known About Equity Before Joining A Unicorn

What I Wish I'd Known About Equity Before Joining A Unicorn

Disclaimer: This piece is written anonymously. The names of a few particular companies are mentioned, but as common examples only.

This is a short write-up on things that I wish I'd known and considered before joining a private company (aka startup, aka unicorn in some cases). I'm not trying to make the case that you should never join a private company, but the power imbalance between founder and employee is extreme, and that potential candidates would

Prerequisites

You'll need to have a system running that is accessible through a DNS record. It should have access to the public Habitat depot, https://app.habitat.sh so it can download the required packages.

You'll need to register an OAuth application for GitHub. You need the client ID and client secret that are created for the application later in this guide. Your system needs to have access to https://github.com so that it can authenticate.

Your system also needs to have an FQDN that can be resolved, for example depot.example.com. This will be used in your OAuth application's "Authorization Callback URL." For this example, use http://depot.example.com/#/sign-in. The /#/sign-in is required.

Operating System

@LongHairedHacker
LongHairedHacker / INSTALL.md
Last active April 10, 2017 14:59
Installing zfsonlinux for the Devuan Beta

Installing zfsonlinux under Devuan

HACK - Not recommended for production !

wget http://archive.zfsonlinux.org/debian/pool/main/z/zfsonlinux/zfsonlinux_8_all.deb
dpkg --unpack zfsonlinux_8_all.deb
vim /var/lib/dpkg/info/zfsonlinux.postinst
@pcn
pcn / example.md
Last active September 14, 2023 19:40
Using jq to get+filter aws data

I've been playing with jq, and I've been having a hard time finding examples of how it works with output from a service like AWS (which I use a lot).

Here is one I use a lot with vagrant-ec2.

When we're launching and killing a lot of instances, the AWS API is the only way to track down which instances are live, ready, dead, etc.

To find instances that are tagged with e.g. {"Key" = "Name", "Value" = "Web-00"} in the middle of a vagrant dev cycle, or a prod launch/replace cycle, you can do something like this:

#!/usr/bin/env python
# This is a trick, to output the bash commands we need to run in shell, and just execute this script inside an eval within our shell, so it imports what we need
# Possibly tie this in with https://gist.github.com/mbainter/b38a4cb411c0b5c1bae6 for MFA support
# Will need to durably store MFA access tokens, possibly in some other env vars
# Could also store all different keys/info in different vars, to reuse as needed (lots of env vars though, file may be better)
import os
import sys
import getpass
@jallspaw
jallspaw / gist:bc60f27c38a2d9009f34
Created April 1, 2015 13:02
Summing up contextual influence on systems architecture
1. Monolithic applications and architectures can vary in their monolithness. This is an under-specified description.
2. Microservice applications and architectures can vary in their microness. This is an under-specified description.
3. Microservices and monolithic architectures have both benefits and disadvantages.
4. Organizations will exploit those benefits while working around any weaknesses.
5. Success of the business is a large influence on the exploitation of benefits and implementation and costs of workarounds.
6. All benefits and workarounds are context-sensitive. Meaning that they are both technically and socially constructed by the organization that navigates them.
7. Path dependency is a thing. History matters and manifests in these architectural decisions and evolution in an organization.
8. Patterns exist to inform practice, not dictate it. Zealous adherence to an architectural pattern brings peril when it is to the exclusion of cultural context in actual practice.
9. Architectural patterns w