Skip to content

Instantly share code, notes, and snippets.

View aws-simple's full-sized avatar

AWS-Simple aws-simple

2 followers · 0 following
View GitHub Profile
@aws-simple
aws-simple / .vimrc
Created February 21, 2024 11:39
Minimalist vim config
set et " expandtab
set ts=2 " tabstop
set sw=2 " shiftwidth
set sts=2 " softtabstop
set hls " highlightsearch
set ic " ignorecase
set nu " numbers
colorscheme desert
set bg=dark
@aws-simple
aws-simple / .bash_aliases
Last active May 16, 2024 14:40
Shell one latter aliases
alias a='ansible'
alias b='brew'
alias d='docker'
alias f='find'
alias g='git'
alias h='helm'
alias j='journalctl'
alias k='kubectl'
alias m='make'
alias o='openssl'
@aws-simple
aws-simple / README.md
Last active August 16, 2023 16:23
How to parse Ingress-Nginx Controller access logs

What if we use Ingress-Nginx Controller and would like to look through logs of its Pods to get specific details on the passing traffic

log_format upstreaminfo
    '$remote_addr - $remote_user [$time_local] "$request" '
    '$status $body_bytes_sent "$http_referer" "$http_user_agent" '
    '$request_length $request_time [$proxy_upstream_name] [$proxy_alternative_upstream_name] $upstream_addr '
    '$upstream_response_length $upstream_response_time $upstream_status $req_id';
@aws-simple
aws-simple / README.md
Last active August 14, 2023 19:24
How to limit 'kubectl top pods' to nodes in a specific nodegroup

What if we have a certain nodegroup (for example EKS Node Group) and would like to see which applications load their node mostly

  • Let's say we have node group labeled as purpose=workers and would like to see top pod sorted by cpu usage
LABELS='purpose=workers'
kubectl top pods --no-headers -A --sort-by=cpu | \
  grep -f <(kubectl get pod -A --no-headers -o wide | \
  grep -f <(kubectl get nodes -l ${LABELS} -oname | sed -e 's|^node/||') | awk '{print $2}')
@aws-simple
aws-simple / AWS-Vault-GnuPG-pass-OTP-README.md
Last active May 11, 2023 17:05
How to use AWS Vault, GnuPG, and 'pass' password manager with OTP extension to manage AWS access on macOS and Linux workplace

This document provides instructions on how to use the following tools to manage access to AWS on macOS/Linux engineer's workplace

  • GnuPG
  • AWS vault
  • pass password manager
  • pass OTP extension

Note

The storage of the first factor authenticatiton (credentials keys) and the source for the second factor (OTP key, which is used to generate OTP codes) in the same vault (even encrypted) runs against security best practices. It is recommended that you use a dedicated MFA device to generate OTP codes. The instructions provided in the document show how all the mentioned tools can interact and help understand how to manage these and/or other tools according to security best practices

@aws-simple
aws-simple / terraform-backend-variables.aliases
Last active April 3, 2023 11:24
Use bash/zsh aliases to help with terraform backend variables
### Using the following aliases provides possibilities to use variables both
### for backend initialization ('terraform init') and for other operations
### ('terraform plan/apply/...') by applying so called 'partial configuration'.
### The alias 'tf' runs 'terraform' command with all passed arguments and
### additional flag (either '-backend-config=...' or '-var-file=...') with
### path to 'backend.hcl' file (containing terraform variables) which
### depends on:
### - a current directory (the directory where 'terraform' command was called)
### - whether the command was called within a 'git' repo
### - a location of 'backend.hcl' file in the 'git' repo directory structure