Do you ever find yourself having to look through your AWS ELBs to find bad TLS/SSL configurations ?
aws elb describe-load-balancers --output json | jq -r '.LoadBalancerDescriptions[] | [ (.LoadBalancerName, .ListenerDescriptions[].Listener.Protocol), (.ListenerDescriptions[].PolicyNames[]), (.Scheme)] | @csv' >> all-loadbalancers.csv
List ELB Names, Listeners, Security Policy, and whether the ELB is Internal or Internet facing. Save as CSV
To decrypt all Jenkins Secrets, you can use the following code inside Manage Jenkins -> Script Console:
def creds = com.cloudbees.plugins.credentials.CredentialsProvider.lookupCredentials(
com.cloudbees.plugins.credentials.common.StandardUsernameCredentials.class,
Jenkins.instance,
null,
null
);
for (c in creds) {
println( ( c.properties.privateKeySource ? "ID: " + c.id + ", UserName: " + c.username + ", Private Key: " + c.getPrivateKey() : ""))
grep profile ~/.aws/config | sed -ne 's/^\[profile\s\(.*\)\]/export AWS_PROFILE=\1/p'
Note: If you are on a MacOS you will discover that this doesn't work due to the fun fact Mac does't use GNU sed ! (Boo Hiss !!!!) :-)
try this instead (2 ways):
grep profile ~/.aws/config | sed -ne 's/^\[profile[[:space:]]\(.*\)\]/export AWS_PROFILE=\1/p'
grep profile ~/.aws/config | sed -ne 's/^\[profile\(.*\)\]/export AWS_PROFILE=\1/p' | sed 's/ //2'
From time to time, Musk will send out an e-mail to the entire company to enforce a new policy or let them know about something that's bothering him. One of the more famous e-mails arrived in May 2010 with the subject line: Acronyms Seriously Suck:
There is a creeping tendency to use made up acronyms at SpaceX. Excessive use of made up acronyms is a significant impediment to communication and keeping communication good as we grow is incredibly important. Individually, a few acronyms here and there may not seem so bad, but if a thousand people are making these up, over time the result will be a huge glossary that we have to issue to new employees. No one can actually remember all these acronyms and people don't want to seem dumb in a meeting, so they just sit there in ignorance. This is particularly tough on new employees.
That needs to stop immediately or I will take drastic action - I have given enough warning over the years. Unless an acronym is approved by me, it should not enter the SpaceX glossary.
| node { | |
| echo 'Results included as an inline comment exactly how they are returned as of Jenkins 2.121, with $BUILD_NUMBER = 1' | |
| echo 'No quotes, pipeline command in single quotes' | |
| sh 'echo $BUILD_NUMBER' // 1 | |
| echo 'Double quotes are silently dropped' | |
| sh 'echo "$BUILD_NUMBER"' // 1 | |
| echo 'Even escaped with a single backslash they are dropped' | |
| sh 'echo \"$BUILD_NUMBER\"' // 1 | |
| echo 'Using two backslashes, the quotes are preserved' | |
| sh 'echo \\"$BUILD_NUMBER\\"' // "1" |