Skip to content

Instantly share code, notes, and snippets.

View 1davidmichael's full-sized avatar

David Michael 1davidmichael

17 followers · 103 following
View GitHub Profile
@iann0036
iann0036 / gist:b473bbb3097c5f4c656ed3d07b4d2222
Last active July 17, 2024 17:03
List of expensive / long-term effect AWS IAM actions
route53domains:RegisterDomain
route53domains:RenewDomain
route53domains:TransferDomain
ec2:ModifyReservedInstances
ec2:PurchaseHostReservation
ec2:PurchaseReservedInstancesOffering
ec2:PurchaseScheduledInstances
rds:PurchaseReservedDBInstancesOffering
dynamodb:PurchaseReservedCapacityOfferings
s3:PutObjectRetention
@jeffbrl
jeffbrl / describe_instances.py
Created February 27, 2018 17:28
How to make datetime.datetime json serializable - boto3 ec2 describe_instances
# Adapted from https://stackoverflow.com/questions/35869985/datetime-datetime-is-not-json-serializable
import datetime
import json
import boto3
def datetime_handler(x):
if isinstance(x, datetime.datetime):
return x.isoformat()
@sivel
sivel / better-ssh-authorized-keys-management.md
Last active July 29, 2024 12:48
Better SSH Authorized Keys Management

Better SSH Authorized Keys Management

A seemingly common problem that people encounter is how to handle all of your users authorized_keys file.

People struggle over management, ensuring that users only have specific keys in the authorized_keys file or even a method for expiring keys. A centralized key management system could help provide all of this functionality with a little scripting.

One piece of functionality overlooked in OpenSSH is the AuthorizedKeysCommand configuration keyword. This configuration allows you to specify a command that will run during login to retrieve a users public key file from a remote source and perform validation just as if the authorized_keys file was local.

Here is an example directory structure for a set of users with SSH public keys that can be shared out via a web server: