Austin Heiman atheiman
@atheiman
atheiman / boto3_all_accounts.py
Last active April 29, 2024 19:49
Run boto3 in a loop across all organization member AWS accounts
import json
import boto3
import traceback as tb
region = boto3.session.Session().region_name
if region.startswith("us-gov-"):
    partition = "aws-us-gov"
    regions = ["us-gov-west-1", "us-gov-east-1"]
else:
    partition = "aws"
@atheiman
atheiman / buildspec.yml
Last active April 20, 2024 05:03
Simple AWS CodeBuild buildspec.yml for CloudFormation CI/CD
# Lint (cfn-lint) and Package (aws cloudformation package ...) run on templates for all branches.
# Deploy all templates on 'main' branch (stack names will be built from template names).
version: 0.2
phases:
  install:
    runtime-versions:
      python: 3.9
  pre_build:
@atheiman
atheiman / Spreeder
Last active April 14, 2024 15:08
Input text and it will display in spreeder format.
Input text and it will display in a spreeder format. There you go, Chris.
@atheiman
atheiman / template.yml
Last active March 30, 2024 05:09
CloudFormation template to create a CodeCommit repo and CodeBuild CI/CD. Updates to the main branch and pull requests trigger builds. Feature branch build status is commented on pull requests.
# Usage examples:
#
# Create a new CodeCommit repository with CodeBuild CI/CD
#
# aws cloudformation deploy \
# --stack-name my-new-project \
# --template-file ./template.yml \
# --capabilities CAPABILITY_IAM \
# --parameter-overrides 'RepositoryDescription=My new project description'
#
@atheiman
atheiman / User_Data.md
Last active March 21, 2024 21:15
EC2 User Data examples for Windows and Linux

EC2 User Data examples

Basic Windows local user with Administrator and RDP access

Add a local RDP user via user data at launch of a Windows EC2 instance. Note that this passes a password through both the user data and the PowerShell command line, which is a bad security practice because both can be viewed later. At a minimum, you should connect to the instance immediately after launch and change the password interactively. Also, delete the user data from the instance after launch. A more secure approach would be to connect the instance to a domain for authentication or use AWS native tooling to connect to the instance (e.g., AWS Session Manager).

<powershell>
# Be sure to set the username and password on these two lines. Of course this is not a good
# security practice to include a password at command line.
@atheiman
atheiman / aws_switch_role_bookmark_generator.py
Last active February 26, 2024 14:11
AWS organization switch role (assume role) bookmark generator - outputs html to stdout that can be saved to a .html file and imported into browser bookmarks.
import boto3
import os
# Environment variables for configuration
role_name = os.environ.get("ROLE_NAME", "OrganizationAccountAccessRole")
include_mgmt = os.environ.get("INCLUDE_MGMT", "true").lower() == "true"
sts = boto3.client("sts")
caller_arn = sts.get_caller_identity()["Arn"]
partition = caller_arn.split(":")[1]
@atheiman
atheiman / tag_dedicated_hosts.py
Last active February 16, 2024 01:38
Tag AWS EC2 dedicated hosts allocated by a License Manager host resource group. This code can be run as a Lambda function or directly as a Python script.
#!/usr/bin/env python
import json
import boto3
default_region = boto3.Session().region_name
if default_region.startswith("us-gov-"):
    partition = "aws-us-gov"
    regions = ["us-gov-west-1", "us-gov-east-1"]
else:
@atheiman
atheiman / logging.sh
Created June 6, 2016 21:12
simple shell script logging utility - logging.sh
#!/bin/bash
# Prints all arguments passed to the function with a timestamp prepended. `LOG_DATE_STRING` can be
# overridden by exporting the var. Prepend to the log using `LOG_LEVEL`.
log() {
  [[ -z "$LOG_LEVEL" ]] && log_str='' || log_str="$LOG_LEVEL "
  log_str="${log_str}$(date "+${LOG_DATE_STRING-%Y-%m-%d %H:%M:%S}") $@"
  echo "$log_str"
}
info() { LOG_LEVEL='INFO' log "$@"; }
@atheiman
atheiman / install.sh
Created June 26, 2016 02:28 — forked from loren/install.sh
Chef install script with retry logic on dpkg to get around race with unattended upgrades
#!/bin/sh
# WARNING: REQUIRES /bin/sh
#
# - must run on /bin/sh on solaris 9
# - must run on /bin/sh on AIX 6.x
#
# Copyright:: Copyright (c) 2010-2015 Chef Software, Inc.
# License:: Apache License, Version 2.0
#
# Licensed under the Apache License, Version 2.0 (the "License");
gfixup() {
  set -x
  git add --all
  git commit --fixup=$(git log --oneline | head -1 | cut -d ' ' -f 1)
  git rebase --interactive HEAD~2 --autosquash
  set +x
  local branch_name=$(git symbolic-ref -q HEAD)
  branch_name=${branch_name##refs/heads/}
  branch_name=${branch_name:-HEAD}