Skip to content

Instantly share code, notes, and snippets.

View vvalorous's full-sized avatar

vvalorous

15 followers · 57 following
View GitHub Profile
@vvalorous
vvalorous / README.md
Created September 28, 2018 05:59 — forked from irgeek/README.md
Finding AMIs after building an image with Packer

Finding Packer-generated AMIs automatically after builds

The basic technique is to have Packer add a tag with a unique value during the build, and use AWS' built-in filtering capabilities to find that specific AMI after the build finishes.

  • template.json - Shows the settings that need to be added to your template
  • build.sh - Shows how to use the template to do a build and retrieve the AMI information
@vvalorous
vvalorous / python_aws_lambda_config.md
Created September 28, 2018 05:56 — forked from patrickbrandt/python_aws_lambda_config.md
A simple approach to multi-environment configurations for AWS Lambda functions

AWS recently released Versioning and Aliases for Lambda Functions. I'm going to outline how I've taken advantage of this to provide environmentally-aware Lambda function configurations in Python.

AWS Lambda doesn't currently support environment variables, so 12-factor-style configuration isn't an option. I'll be using seprate config files for each environment.

Pregame

We're making two assumptions for this article:

  • I've already created an AWS Lambda function with the following aliases:
    • Dev
    • Test
    • Staging
    • Production
@vvalorous
vvalorous / publicSubnets.go
Created September 25, 2018 19:49 — forked from stavxyz/publicSubnets.go
finding public subnets in go
package main
import (
"fmt"
"sort"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/ec2"
"github.com/aws/aws-sdk-go/service/ec2/ec2iface"
@vvalorous
vvalorous / aws-cloudtrail-bucket-policy.json
Created September 25, 2018 19:40 — forked from alanwill/aws-cloudtrail-bucket-policy.json
S3 bucket policy for Cloudtrail logs to receive from multiple accounts
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AWSCloudTrailAclCheck20131101",
"Effect": "Allow",
"Principal": {
"AWS": [
"arn:aws:iam::903692715234:root",
"arn:aws:iam::859597730677:root",
@vvalorous
vvalorous / cloudformation-kinesis-fh-delivery-stream.json
Created September 22, 2018 01:05 — forked from lizturp/cloudformation-kinesis-fh-delivery-stream.json
AWS Cloudformation template to build a firehose delivery stream to S3, with a kinesis stream as the source. JSON, but it's fine.
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "The AWS CloudFormation template for Kinesis Stream",
"Parameters": {
"Environment": {
"Description": "dev, stage, or prod - this is for bucket tags",
"Type": "String",
"MinLength": "3",
"MaxLength": "5"
}
@vvalorous
vvalorous / cognito.yaml
Created September 22, 2018 01:05 — forked from jeshan/cognito.yaml
Create a Cognito Authentication Backend via CloudFormation
AWSTemplateFormatVersion: '2010-09-09'
Description: Cognito Stack
Parameters:
AuthName:
Type: String
Description: Unique Auth Name for Cognito Resources
Resources:
# Creates a role that allows Cognito to send SNS messages
@vvalorous
vvalorous / datadog-role-delegation.json
Created September 22, 2018 01:03 — forked from miketheman/datadog-role-delegation.json
Datadog AWS Integration Automated Setup - CloudFormation
{
"AWSTemplateFormatVersion": "2010-09-09",
"Parameters": {
"SharedSecret": {
"Default": "SOOPASEKRET",
"Description": "Shared Secret, aka External ID",
"Type": "String",
"NoEcho": "true"
}
},
@vvalorous
vvalorous / salt_signature.py
Created September 21, 2018 20:25 — forked from drem-darios/salt_signature.py
Python example of how to create a salt and use a secret key to generate a signature using the salt
import hmac
import os
import hashlib
import base64
import unittest
__author__ = 'drem'
class SecurityUtil(object):
@vvalorous
vvalorous / ribalancer.py
Created September 17, 2018 22:06 — forked from dialtone/ribalancer.py
Balance RI Instances
import boto3
import argparse
from pprint import pprint as pp
from dateutil.tz import tzutc
from datetime import datetime, timedelta
from collections import defaultdict as dd
class IL(object):
"""
@vvalorous
vvalorous / AddAllOrgAccountsToPolicy.py
Created September 16, 2018 05:55 — forked from d3fault0/AddAllOrgAccountsToPolicy.py
Boto3: Add All Org Accounts To IAM Policy
#!/usr/bin/env python3
import boto3
import json
central_logging = '<insert your central logging account id here>'
# Variables for the grafana monitoring server
role_name = 'monitoring_prodcloudwatch_access_role'
policy_arn = 'arn:aws:iam::<insert your central logging account id here>:policy/monitor-assumerole'