@richadams
richadams / update_elb_ssl_neg_policies.sh
Last active March 4, 2019 19:13
A quick and dirty script to update every ELB in an AWS account to the latest ELBSecurityPolicy-2014-10 to mitigate CVE-2014-3566. Barely tested, use at own risk, etc. Requires awscli to be installed.
#!/bin/bash
# Requires: awscli (http://aws.amazon.com/cli/)
# Your AWS credentials
export AWS_ACCESS_KEY_ID='***'
export AWS_SECRET_ACCESS_KEY='***'
# This is the base policy that will be used.
POLICY="ELBSecurityPolicy-2014-10"
richadams / aws_security_group_details.sh
Last active February 23, 2024 20:46
A quick and dirty script to list out all security group settings on an AWS account. Barely tested, use at own risk, etc. Requires awscli to be installed.
#!/bin/bash
# Requires: awscli (http://aws.amazon.com/cli/)
# Prints out a list of all security groups and their settings, just for quickly auditing it.
# Your AWS credentials
if [ -z "${AWS_ACCESS_KEY_ID}" ]; then
    export AWS_ACCESS_KEY_ID='***'
    export AWS_SECRET_ACCESS_KEY='***'
fi
### Keybase proof
I hereby claim:
* I am richadams on github.
* I am richadams (https://keybase.io/richadams) on keybase.
* I have a public key whose fingerprint is 48F4 05D4 8567 234C D6D0 196E 71AB E159 1504 8ED2
To claim this, I am signing this object:
richadams / pd_aws_config_event_transformer.js
Created February 9, 2018 22:55
PagerDuty Custom Event Transformer for handling AWS Config compliance events from SNS. Raising incidents if a resource goes non-compliant, and resolving the incident if they go compliant again (or are deleted).
// Parses AWS Config events from SNS and will raise PagerDuty incidents if resources
// go non-compliant, resolving the incident when they return to compliant.
//
// This file is intended to be used with a PagerDuty Custom Event Transformer.
// https://www.pagerduty.com/docs/guides/custom-event-transformer/
//
// Create a new Custom Event Transformer integration in PagerDuty, and subscribe its
// Integration URL on the SNS Topic that you send AWS Config events to.
//
// You can see all the different notifications Config sends here: