Aaron Rose roseaar42

@roseaar42
roseaar42 / README.md
Last active August 13, 2025 18:21
redshift-query-guardrails-toolkit - Automated Lambda guardrails for Redshift query cost enforcement. Prevent expensive queries with serverless protection that integrates into CI/CD pipelines. Python/Node.js implementations included.

Redshift Query Guardrails Toolkit

Automated cost enforcement and budget protection for Amazon Redshift queries. Prevent expensive queries from impacting your environment with serverless Lambda guardrails that integrate seamlessly into CI/CD pipelines and workflows.

📚 Blog Series

This toolkit completes the comprehensive Redshift mastery trilogy:

  1. How to Always Write Optimized Queries in Amazon Redshift - Query optimization fundamentals
  2. How to Get "Total Data Scanned" for a Redshift Query via the Data API - Cost measurement techniques
roseaar42 / README.md
Last active August 11, 2025 20:52
redshift-query-cost-monitoring-toolkit - Complete toolkit for Amazon Redshift query optimization and cost monitoring. Includes Python/Node.js examples, IAM policies, and Lambda templates. Companion to the Redshift optimization blog series.

Redshift Query Cost Monitoring Toolkit

Complete toolkit for Amazon Redshift query optimization and cost monitoring. Get programmatic access to query performance metrics using the Redshift Data API.

📚 Blog Series

This toolkit accompanies the comprehensive Redshift optimization blog series:

  1. How to Always Write Optimized Queries in Amazon Redshift - Complete guide to writing efficient queries from day one
  2. How to Get "Total Data Scanned" for a Redshift Query via the Data API - Programmatic access to query metrics (coming soon)
roseaar42 / README.md
Created August 11, 2025 07:42
Fleet Provisioning by Claim - MQTT Subscribe Timeout Fix - Complete Python implementation that resolves MQTT subscribe timeouts when using AWS IoT Fleet Provisioning by Claim, including proper topicfilter permissions and correct sequencing.

Fleet Provisioning by Claim - Fixed Implementation

This script demonstrates the correct implementation of AWS IoT Fleet Provisioning by Claim, addressing common MQTT subscribe timeout issues.

Key Fixes Applied

  • Added missing topicfilter ARN permissions
  • Subscribe before publish sequencing
  • Increased MQTT operation timeouts
  • Proper error handling and response processing
roseaar42 / README.md
Last active July 26, 2025 07:42
aurora-failover-toolkit - Production Node.js patterns for bulletproof multi-region Aurora with circuit breakers and intelligent failover

Aurora Resilience Patterns

Production-ready patterns for building bulletproof multi-region Aurora applications with intelligent failover, recovery, and graceful degradation.

Overview

This repository contains a complete set of Node.js patterns for handling regional failures in multi-region Aurora deployments. Rather than relying solely on AWS Aurora Global Database, these patterns give you application-level control over failover behavior, data consistency, and recovery procedures.

What This Solves

roseaar42 / README.md
Last active July 11, 2025 09:54
lambda_js_diag.py - Diagnostic tool for AWS Lambda functions written in JavaScript/Node.js. Analyzes sample log entries and generates clear, actionable reports.

Lambda JS Diagnostic Tool

A plain-language diagnostic tool for analyzing JavaScript/Node.js AWS Lambda logs.
Generates Markdown, JSON, and plaintext reports based on common runtime issues.


How to Use

roseaar42 / README.md
Created July 9, 2025 18:39
al_drift_check.py - Amazon Linux drift inspection tool – safe, zero-dependency Python script for system profile checks and JSON export

AL Drift Check

Amazon Linux System Inspector
This is a safe, standalone Python script for quickly identifying whether a Linux system matches the behavior of AL2, RHEL8, or AL2023. It requires no third-party dependencies, and can be run directly on Amazon Linux or any Debian-based system — no virtual environment needed.


Features

  • Instant system check: UID/GID policy, kernel version, SELinux status, and more
roseaar42 / README.md
Created July 8, 2025 23:45
fix-selinux-al2023-imagebuilder - Custom EC2 Image Builder component to fix STIG hardening mismatch on AL2023 by manually installing SELinux

FixSELinuxForAL2023

This bundle provides a custom EC2 Image Builder component for Amazon Linux 2023. It corrects an issue where AWS's default STIG hardening logic skips SELinux due to a misaligned RHEL8 baseline.

Files Included

  • fix-selinux-al2023.yml: The custom component for Image Builder
  • register-component-cli.sh: A CLI command to register the component
  • README.md: This file
roseaar42 / README.md
Last active July 2, 2025 19:27
Aurora PostgreSQL Query Routing Demo - Simulate query routing in Aurora PostgreSQL using PgPool-II and PgCat via Docker Compose

Aurora PostgreSQL Query Routing Demo

This repository demonstrates how to simulate AWS Aurora PostgreSQL query routing using two popular open-source routers:

  • PgPool-II: Feature-rich PostgreSQL middleware with load balancing and failover support.
  • PgCat: A lightweight, Rust-based query router designed for cloud-native environments.

The setup includes:

  • A writer PostgreSQL instance (pg_writer)
  • A replica PostgreSQL instance (pg_reader)
roseaar42 / README.md
Last active June 28, 2025 01:36
aurora_query_check.py - Simple CLI tool to check if SELECT queries are hitting the Aurora writer. Helps debug read/write routing issues quickly.

Aurora Query Routing Checker

A simple command-line diagnostic tool that helps you identify whether SELECT queries are hitting the writer instance in your Amazon Aurora PostgreSQL cluster. Use this tool to quickly confirm routing problems and take action.

What You See When You Run the Tool

==============================
 Aurora Query Routing Checker
==============================
roseaar42 / README.md
Last active July 2, 2026 05:54
ecs-cdk-first-deploy-workaround.ts – CDK example: deploy ECS with a placeholder image to avoid first-deploy errors

ECS CDK First Deploy Workaround

This CDK example demonstrates how to avoid first-time ECS deployment errors that occur when your service references a container image in ECR that hasn't been pushed yet. It's a common issue when using CI/CD pipelines that build and push to ECR after the infrastructure stack is created.

Why This Matters

If your ECS Service tries to use an ECR image that doesn’t exist, CloudFormation will fail the deploy. This is especially problematic during the initial deployment of infrastructure and pipelines together, where the image is only built later.

What This Does