Skip to content

Instantly share code, notes, and snippets.

View alsmola's full-sized avatar

Alex Smolen alsmola

28 followers · 3 following
View GitHub Profile
@alsmola
alsmola / gist:9905549
Created April 1, 2014 00:43
### Keybase proof
I hereby claim:
* I am alsmola on github.
* I am alsmola (https://keybase.io/alsmola) on keybase.
* I have a public key whose fingerprint is A396 4319 DB5C 469D 12D5 1299 AB1D 5964 6557 8858
To claim this, I am signing this object:
@alsmola
alsmola / git-list.rb
Last active August 29, 2015 14:09
List git branches with a numerical index, then check a branch out by index
#!/usr/bin/env ruby
# To setup - copy this to a file named git-list in a directory on your path and
# chmod +x.
#
# To use - Type git list, and select the branch you'd like to check out.
@branches = Array.new
class String
@alsmola
alsmola / xss_really.html
Last active June 28, 2016 00:00
XSS Really?
<html>
<body>
<script>
function log(arg) {
console.log(arg)
};
</script>
<div onclick="log('test&#39;);alert(1);//')">
Click me.
</div>
@alsmola
alsmola / kms_auth.go
Last active April 17, 2018 11:30
Confidant style KMS-based authentication in Go
/*
Copyright 2016 Alex Smolen (https://alexsmolen.com)
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
@alsmola
alsmola / amazon_linux_yubikey.md
Last active April 8, 2020 06:42
Amazon Linux and Yubikey SSH 2FA

First, you'll need to install the package or compile it from source.

Install

Since pam_yubico only exists in the Fedora/EPEL repository which isn't enabled on Amazon Linux by default, you first have to run:

sudo yum-config-manager --enable epel

Then you can install the package:

sudo yum install pam_yubico

@alsmola
alsmola / cloudtrail_partitions.js
Last active November 23, 2021 08:51
cloudtrail_partitions
'use strict';
console.log('Loading function');
const aws = require('aws-sdk');
aws.config.update({region: 'us-east-1'});
const s3 = new aws.S3({ apiVersion: '2006-03-01' });
const ddb = new aws.DynamoDB({apiVersion: '2012-10-08'});
const athena = new aws.Athena();
@alsmola
alsmola / cloudtrail_partition_create_athena_table.sql
Last active August 23, 2023 10:28
cloudtrail_partition_create_athena_table
CREATE EXTERNAL TABLE cloudtrail_logs (
eventversion STRING,
userIdentity STRUCT<
  type:STRING,
  principalid:STRING,
  arn:STRING,
  accountid:STRING,
  invokedby:STRING,
  accesskeyid:STRING,
userName:STRING,
@alsmola
alsmola / incongito_for_bash_profile.sh
Created April 28, 2018 03:17
function hide {
export OLD_PS1=${PS1}
set +o history
PS1="\e[41m $PS1 \e[m"
}
function show {
set -o history
PS1=${OLD_PS1}
}
@alsmola
alsmola / README.md
Last active December 27, 2019 04:53
Using session policies to limit IAM role access

Session Policy Example

First, upload test files to an S3 bucket you control (replace YOUR_BUCKET_NAME) in two directories representing isolated namespaces (123 and 124).

echo "123" > test.txt
aws s3 cp test.txt s3://YOUR_BUCKET_NAME/123/test.txt
echo "124" > test.txt
aws s3 cp test.txt s3://YOUR_BUCKET_NAME/124/test.txt
@alsmola
alsmola / gsuite_saml_cognito_alb.tf
Created February 1, 2020 18:19
ALB for gsuite-saml-cognito
resource "aws_lb" "app1" {
name = "App1"
internal = false
load_balancer_type = "application"
security_groups = ["<your-security-group>"]
subnets = ["<your-subnet-id>"]
}
resource "aws_lb_target_group" "app1" {
name = "App1"