Paul Duvall PaulDuvall
PaulDuvall
/ ecs-pipeline-zerojenkins.json
Last active
December 30, 2016 16:59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Description":"Automate provisioning of ECS using CodeBuild with CodePipeline, and CodeCommit. **WARNING** This template creates one or more Amazon EC2 instances. You will be billed for the AWS resources used if you create a stack from this template.", | |
| "AWSTemplateFormatVersion":"2010-09-09", | |
| "Parameters":{ | |
| "Owner":{ | |
| "Description":"Enter Team or Individual Name Responsible for the Stack.", | |
| "Type":"String", | |
| "Default":"FirstName LastName" | |
| }, | |
| "Project":{ |
PaulDuvall
/ pipeline.yml
Created
July 20, 2017 14:15
CodeBuild Project definition in CloudFormation highlighting BuildSpec Source property
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CodeBuildWebsite: | |
| Type: AWS::CodeBuild::Project | |
| DependsOn: CodeBuildRole | |
| Properties: | |
| Name: | |
| Ref: AWS::StackName | |
| Description: Build application | |
| ServiceRole: | |
| Fn::GetAtt: | |
| - CodeBuildRole |
PaulDuvall
/ gist:2d688224680ed81172912e6d1a9e0cb8
Last active
February 20, 2018 14:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CodePipelineParameter: | |
| Type: "AWS::SSM::Parameter" | |
| Properties: | |
| Name: "CodePipelineStack" | |
| Type: "String" | |
| Value: | |
| Ref: CodePipelineStack | |
| Description: "Name of the CodePipeline generated in this CloudFormation template." | |
PaulDuvall
/ get-azs-per-region.py
Created
February 6, 2020 15:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| ec2 = boto3.client('ec2') | |
| # Retrieves all regions/endpoints that work with EC2 | |
| aws_regions = ec2.describe_regions() | |
| # Get a list of regions and then instantiate a new ec2 client for each region in order to get list of AZs for the region | |
| for region in aws_regions['Regions']: | |
| my_region_name = region['RegionName'] |
PaulDuvall
/ rotate-secrets-sam.yml
Last active
February 13, 2020 21:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: "2010-09-09" | |
| Transform: AWS::Serverless-2016-10-31 | |
| Description: SAR nested app stack test | |
| Resources: | |
| NestedApp: | |
| Type: AWS::Serverless::Application | |
| Properties: | |
| Location: | |
| ApplicationId: arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerRDSMySQLRotationSingleUser | |
| SemanticVersion: 1.1.8 |
PaulDuvall
/ rotate-secrets-codebuild.yml
Last active
February 13, 2020 21:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CodeBuildLambdaTrigger: | |
| Type: AWS::CodeBuild::Project | |
| Properties: | |
| Name: | |
| Fn::Join: | |
| - '' | |
| - - Run | |
| - "CodePipeline" | |
| - Ref: AWS::StackName | |
| Description: Build application |
PaulDuvall
/ rotate-secrets-sm.yml
Last active
February 13, 2020 21:26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| MyRDSInstanceRotationSecret: | |
| Type: AWS::SecretsManager::Secret | |
| Properties: | |
| Description: 'This is my rds instance secret' | |
| GenerateSecretString: | |
| SecretStringTemplate: '{"username": "admin"}' | |
| GenerateStringKey: 'password' | |
| PasswordLength: 16 | |
| ExcludeCharacters: '"@/\' | |
| Tags: |
PaulDuvall
/ rotate-secrets-vpc.yml
Last active
February 13, 2020 21:39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Outputs: | |
| MyVPC: | |
| Value: !Ref VPC | |
| Description: VPC ID - used by Cloud9 | |
| PublicSubnet1: | |
| Value: !Ref SubnetAPublic | |
| Description: SubnetAPublic - used by Cloud9 | |
| PrivateSubnet1: | |
| Value: !Ref SubnetAPrivate | |
| Description: SubnetAPrivate - used by Cloud9, Lambda Function, and RDS::DBSubnetGroup |
PaulDuvall
/ rotate-secrets-codepipeline.yml
Last active
February 13, 2020 21:48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Pipeline: | |
| Type: AWS::CodePipeline::Pipeline | |
| Properties: | |
| RoleArn: !GetAtt CodePipelineRole.Arn | |
| Stages: | |
| - Name: Source | |
| Actions: | |
| - InputArtifacts: [] | |
| Name: Source | |
| ActionTypeId: |
PaulDuvall
/ rotate-secrets-launch-stack.sh
Last active
February 14, 2020 15:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cd ~/environment | |
| aws s3 mb s3://ceoa-3-$(aws sts get-caller-identity --output text --query 'Account') | |
| git clone https://github.com/PaulDuvall/aws-encryption-workshop.git | |
| cd aws-encryption-workshop/lesson3-develop | |
| zip ceoa-3-examples.zip *.* | |
| aws s3 sync /home/ec2-user/environment/aws-encryption-workshop/lesson3-develop s3://ceoa-3-$(aws sts get-caller-identity --output text --query 'Account') | |
| aws cloudformation create-stack --stack-name rds-secrets-rotation --disable-rollback --template-body file:///home/ec2-user/environment/aws-encryption-workshop/lesson3-develop/ceoa-3-rotation-1-pipeline.yml --parameters ParameterKey=EmailAddress,ParameterValue=fake-email@fake-fake-fake-email.com ParameterKey=CodeCommitS3Bucket,ParameterValue=ceoa-3-$(aws sts get-caller-identity --output text --query 'Account') ParameterKey=CodeCommitS3Key,ParameterValue=ceoa-3-examples.zip --capabilities CAPABILITY_NAMED_IAM CAPABILITY_AUTO_EXPAND --disable-rollback |
OlderNewer