Skip to content

Instantly share code, notes, and snippets.

Avatar
💭
automating the world

Apollo Clark apolloclark

💭
automating the world
View GitHub Profile
View aws_resources_.md

List all of the AWS Resources available to AWS CloudFormation

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html

curl -sSL https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/toc-contents.json \
  | jq '.contents[10].contents[0].contents[].include_contents' --raw-output \
  | grep -v "null" \
  | xargs -I % curl -sSL https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/% \
  | jq '.contents[].contents[] | [.title, (select(.contents != null) | .title + "::" + .contents[].title)]' --raw-output \
@apolloclark
apolloclark / upgrade_rhel.sh
Last active Feb 6, 2022
Upgrade RHEL / CentOS / Amazon Linux 2 / Oracle Linux systems
View upgrade_rhel.sh
#!/bin/bash
# fix for CentOS 6.x
# https://stackoverflow.com/questions/21396508/yumrepo-error-all-mirror-urls-are-not-using-ftp-https-or-file
# There is an issue with CentOS 6.3 not supporting the modern TLS 1.2, so use the archive.kernel.org
"[Errno 14] problem making ssl connection"
sed -i 's,<find>,<replacement>,g' /etc/yum.repos.d/CentOS-Base.repo
View Top AWS Mistakes in PCI-DSS, HIPAA, and FedRAMP Environments.md

Hello, I am Apollo Clark, a Cloud Architect, formerly with HashiCorp, with 13+ years of AWS experience, 4+ years of Azure Experience, and 3+ years of GCP experience. I've worked with the largest financial services companies in the world, and various US Dept of Defense (DoD) organizations, over the years on projects with security requirements of PCI-DSS, HIPAA, FedRAMP, and GDPR. AWS is an amazing service capable of a wide variety of uses, but with that flexibility comes a lot of complexity that is easy to misconfigure. Unfortunately, even in 2022, a lot of cloud provider services are not secure by default. This guide is a list of the most common mistakes I've seen. Many organizations adopted AWS organically, without any centralized planning, given the ease of using an oragnization credit card to spin up infrastucture in minutes, versus going through months of approval and waiting for physical hardware to be delivered, installed, configured, and made available into on-prem VMware based data centers. Whenver I

@apolloclark
apolloclark / upgrade_hashistack.sh
Created Nov 18, 2021
Upgrade HashiCorp tools in Ubuntu
View upgrade_hashistack.sh
#!/bin/bash -eu
PACKAGE_LIST="terraform packer sentinel vagrant";
for PACKAGE in $PACKAGE_LIST; do
# retrieve a link to the latest version
VERSION_LATEST=$(curl -sSLk https://releases.hashicorp.com/index.json \
| jq ".${PACKAGE}.versions | keys | .[]" | tr -d '"' \
| grep -v 'alpha\|beta\|rc\|oci\|ent' | sort --version-sort | tail -n1);
@apolloclark
apolloclark / upgrade_jq.sh
Created Nov 18, 2021
Upgrade JQ (JSON Query)
View upgrade_jq.sh
#!/bin/bash -eux
# retrieve a link to the latest version of Terraform
JQ_VERSION_LATEST=$(curl -sSL https://github.com/stedolan/jq/releases \
| grep -F '/releases/tag' | grep -v 'rc' | head -n1 | cut -d'"' -f2 | cut -d'/' -f6 | cut -d'-' -f2);
# get the currently installed version
JQ_VERSION_CURRENT=$(jq --version | cut -d'-' -f2);
# check if the latest version matches the currently installed version
@apolloclark
apolloclark / gcp_cheatsheet.md
Created Jan 26, 2021
Google Cloud cheatsheet
View gcp_cheatsheet.md
# list current config details
gcloud info

# list accounts
gcloud auth list

# list availalbe configs
gcloud config configurations list
@apolloclark
apolloclark / upgrade_hashistack.sh
Last active May 16, 2020
Bash scripts to upgrade locally installed HashiCorp programs
View upgrade_hashistack.sh
#!/bin/bash -eu
PACKAGE_LIST="terraform packer sentinel vagrant";
for PACKAGE in $PACKAGE_LIST; do
# retrieve a link to the latest version of Terraform
VERSION_LATEST=$(curl -sSLk https://releases.hashicorp.com/index.json \
| jq ".${PACKAGE}.versions | keys | .[]" | tr -d '"' \
| grep -v 'alpha\|beta\|rc\|oci' | sort --version-sort | tail -n1);
View gist:14785e43260bec1026d49f5a4e2d6434
### Keybase proof
I hereby claim:
* I am apolloclark on github.
* I am apolloclark (https://keybase.io/apolloclark) on keybase.
* I have a public key ASC2AayT4Qb7Hxt6BAgO_ocgIbKf0IsyhmdaIalmO43ivAo
To claim this, I am signing this object:
@apolloclark
apolloclark / docker image base oses.md
Last active Oct 12, 2021
Docker Images, Base OS Support Matrix
View docker image base oses.md

"Official Docker Image" Base OS Support Matrix

Analysis was performced on Aug 11, 2019.

Support Matrix

@apolloclark
apolloclark / chef, puppet, ansible.md
Last active Jun 30, 2021
Chef, Puppet, Ansible comparison
View chef, puppet, ansible.md