Subodh subudear
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CA Root public key is added to AWS trust anchor | |
| #generate CA Root private key | |
| openssl genrsa -out rootCA.key 4096 | |
| touch index | |
| echo 01 > serial.txt | |
| #generate CA Root public key request |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #commands to generate client private and public/cert key. Here .pem is the cert or public key and .key is private key. | |
| #generate client private key | |
| openssl genrsa -out client_private.key 4096 | |
| #generate client public key cert request | |
| openssl req -new -nodes -key client_private.key -out client.csr -config client_request.config | |
| #generate and sign the client public key /cert using CA root private and public key | |
| openssl x509 -req -sha512 -days 365 -in client.csr -CA ../rootCA.pem -CAkey ../rootCA.key -CAcreateserial -out client_public.pem -extfile client_cert.config |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ req ] | |
| prompt = no | |
| distinguished_name = dn | |
| [ dn ] | |
| C = IN | |
| ST = Delhi | |
| L = DEL | |
| O = raaviblog.com | |
| CN = Dev | |
| OU = IT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| basicConstraints = critical, CA:FALSE | |
| keyUsage = critical, digitalSignature |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [req] | |
| prompt = no | |
| string_mask = default | |
| distinguished_name = req_dn | |
| [req_dn] | |
| countryName = IN | |
| stateOrProvinceName = Delhi | |
| localityName = Delhi | |
| organizationName = raaviblog.com | |
| organizationalUnitName = DevOps |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is used with the 'openssl ca' command to sign a request | |
| [ca] | |
| default_ca = CA | |
| [CA] | |
| # Where OpenSSL stores information | |
| dir = . | |
| certs = $dir/certs | |
| crldir = $dir/crldir | |
| new_certs_dir = $certs/newcerts | |
| database = $dir/index |
subudear
/ github-runner.ps1
Created
July 28, 2023 05:05
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| mkdir actions-runner; cd actions-runner | |
| Invoke-WebRequest -Uri https://github.com/actions/runner/releases/download/v2.306.0/actions-runner-win-x64-2.306.0.zip -OutFile actions-runner-win-x64-2.306.0.zip | |
| if((Get-FileHash -Path actions-runner-win-x64-2.306.0.zip -Algorithm SHA256).Hash.ToUpper() -ne '998fd610e6024cb7015240a82a635a877aab4d6dfb0de89bdd167b0128452721'.ToUpper()){ throw 'Computed checksum did not match' } | |
| Add-Type -AssemblyName System.IO.Compression.FileSystem ; [System.IO.Compression.ZipFile]::ExtractToDirectory("$PWD/actions-runner-win-x64-2.306.0.zip", "$PWD") | |
| C:\actions-runner\config.cmd --url https://github.com/Github-AWS-Learning ` | |
| --token $(Invoke-RestMethod -Method Post -Uri https://api.github.com/orgs/<REPLACE YOUR ORG NAME>/actions/runners/registration-token ` |
subudear
/ connect-to-aws-service-usingpython-stsrole.py
Created
April 8, 2023 23:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| import json | |
| ACCOUNT_ID = "7088" | |
| sts_client = boto3.client('sts',region_name="ap-southeast-2") | |
| assumed_role_object =sts_client.assume_role(RoleArn="arn:aws:iam::7068:role/role_to_Access_s3",RoleSessionName="S3access") | |
| print("assumed role: ", json.dumps(assumed_role_object,indent=4,default=str)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const AWS = require('aws-sdk'); | |
| const s3 = new AWS.S3(); | |
| exports.handler = async function(params){ | |
| console.info('fetching file from s3 bucket'); | |
| try { | |
| const fileData = await s3.getObject(params).promise(); | |
| console.log(JSON.parse(fileData.Body)) | |
| return fileData; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| exports.handler = (event, context, callback) => { | |
| console.log('Received event:', JSON.stringify(event, null, 2)); | |
| var headers = event.headers; | |
| console.log('headers: ', JSON.stringify(headers)); | |
| // Parse the input for the parameter values | |
| var tmp = event.routeArn.split(':'); |
NewerOlder