
Ashish R Bhandari aashishrbhandari

"""
Overview:
Make an API call to Amazon Bedrock to get the prompt results.
Note: It uses an IAM role to make the API call to AWS.
"""
import boto3
/** Enable CloudTrail and log its events to S3 **/
# Create the S3 bucket that receives the CloudTrail events.
# bucket_prefix makes Terraform generate a unique bucket name that starts with this prefix.
# NOTE(review): this bucket holds audit logs. The lines shown here do not attach an
# aws_s3_bucket_public_access_block, an aws_s3_bucket_policy that lets
# cloudtrail.amazonaws.com write to the bucket, or versioning/encryption settings;
# confirm they are defined elsewhere in the file.
resource "aws_s3_bucket" "cloudtrail_s3_bucket" {
bucket_prefix = "aws-cloudtrail-logallapi"
}
# Enable CloudTrail Log to S3
resource "aws_cloudtrail" "cloudtrail_event_api" {
name = "LogAllAPI"
## Set IP and PORT to the address and port of your proxy.
IP="1.1.1.1"
PORT=3456
## Point npm at the proxy for package downloads (both the proxy and https-proxy settings).
## `npm config set` persists the value in the user's npmrc, so every later install goes
## through this proxy: use one you control and trust.
npm config set proxy "http://${IP}:${PORT}"
npm config set https-proxy "http://${IP}:${PORT}"
## One-liner: fetch the temporary security credentials of the IAM role attached to this EC2 instance.
## NOTE: the final response contains AccessKeyId, SecretAccessKey and Token; treat the output as a
## secret and keep it out of logs and tickets. 21600 seconds is the longest TTL IMDSv2 accepts;
## a one-off lookup works with a much shorter one.
TOKEN=$(curl -s -X PUT -H "X-aws-ec2-metadata-token-ttl-seconds: 21600" "http://169.254.169.254/latest/api/token") && ROLE_NAME=$(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" "http://169.254.169.254/latest/meta-data/iam/security-credentials/") && curl -s -H "X-aws-ec2-metadata-token: $TOKEN" "http://169.254.169.254/latest/meta-data/iam/security-credentials/$ROLE_NAME"
## Step by step
# IMDSv2 is session-based: a PUT to the token endpoint returns a session token that every
# later metadata request has to present in the X-aws-ec2-metadata-token header.
TOKEN=$(curl -s -X PUT -H "X-aws-ec2-metadata-token-ttl-seconds: 21600" "http://169.254.169.254/latest/api/token")
# Present the token and ask for the name of the role assigned to this EC2 instance.
ROLE_NAME=$(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" "http://169.254.169.254/latest/meta-data/iam/security-credentials/")
# Linux RBAC
# Allow user `user01` to run a few specific commands as root, without a password prompt.
# NOTE(review): sudoers matches a command's arguments as one concatenated string, so `*`
# in an argument also matches spaces and `/`. The three wildcard rules below are therefore
# not confined to files directly under /var/log: any argument string that merely starts
# with (or, for the last rule, ends with) a /var/log/ path is accepted, including `..`
# components and additional file names. Prefer listing the exact log files, or grant read
# access to the logs through group membership or ACLs instead of root via sudo.
# Fixed command line, no wildcard: only this exact restart is allowed.
user01 ALL = (root) NOPASSWD: /usr/bin/systemctl restart nginx
user01 ALL = (root) NOPASSWD: /usr/bin/ls /var/log/*
user01 ALL = (root) NOPASSWD: /usr/bin/tail /var/log/*
# The leading `*` is presumably meant for tail options such as -f or -n; it accepts any text.
user01 ALL = (root) NOPASSWD: /usr/bin/tail * /var/log/*
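#!/bin/sh
# A basic init.d-style script that starts Teleport in the background.
# The shebang has to be the very first line of the file to take effect.
# Redirection order matters: stdout is pointed at the log first and stderr is then
# duplicated onto it, so both streams are appended to /var/log/teleport.log.
# (With `2>&1 >> file` stderr keeps going to the original stdout and never reaches the log.)
nohup /usr/local/bin/teleport start -c /etc/teleport.yaml >> /var/log/teleport.log 2>&1 &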
## Get all running instances that are part of a given VPC
aws ec2 describe-instances \
--filters "Name=vpc-id,Values=vpc-9999999999999" "Name=instance-state-name,Values=running" \
--query \
'Reservations[].Instances[].{
Name: Tags[?Key==`Name`].Value | [0],InstanceId:InstanceId,
Id: InstanceId,
SubnetId: SubnetId,
AZ: Placement.AvailabilityZone,
import json
import os

import requests
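# Slack incoming-webhook URL (required).
# Anyone who holds this URL can post to the channel, so treat it as a secret: supply the
# real value through the SLACK_WEBHOOK_URL environment variable instead of committing it.
# The placeholder below is used only when the variable is not set.
slack_webhook_url = os.environ.get(
    "SLACK_WEBHOOK_URL",
    "https://hooks.slack.com/services/XXXXXXXXXX/XXXXXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx",
)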
# Use the blocks from slack_webhook_blocks.txt
message = {
"blocks": [
{
"type": "divider"
# How to Use the Below Blocks
# Refer Python code: Github Gist: slack_webhook_message.py
## Not Very Effective
## To Create a `Section` in a Table Format
{
"blocks": [
{
"type": "divider"
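# Go to the ldap folder and create an ssl folder inside it.
# `&&` stops the chain when a step fails, so the following commands never write key
# material into the wrong directory; `-p` makes a re-run succeed if ssl/ already exists.
# NOTE(review): private keys generated in this directory should not be world-readable;
# check the mode and owner of the key files once they are created.
cd /etc/ldap/ && mkdir -p ssl && cd ssl/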
# Create CA
openssl req \
-subj "/C=IN/ST=Maharashtra/L=Mumbai City/O=Information Security Systems/OU=IT Services/CN=OpenLDAP Test Server" \