Skip to content

Instantly share code, notes, and snippets.

Tom Bortels bortels

Block or report user

Report or block bortels

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View gist:1f047f3e7877d5566988492d69171f30
Create fine-grained session permissions using AWS Identity and Access Management (IAM) managed policies -
I've read this three times and I still don't understand what it does. Help?
Sure, I'd be happy to help you with that.
You use AWS STS (Simple Token Service) to assume a role and it's associated policies. So - you might call STS to assume
a role with "AdministratorAccess" policy in another account.
When you do this, you have an option to also add a "session role" on the fly - think of it as an addendum to the role.
Example, you might assume that "AdministratorAccess" role, but add in "No IAM access, please". This is handy because it
View updatewiki
#!/usr/bin/env python3
"""Update pod inventory pages"""
import requests
from requests.auth import HTTPBasicAuth
import json
from pprint import pprint
import datetime
import gzip
View exportaws
#!/usr/bin/env python3
# export the AWS environment for a given profile
import boto3
import argparse
parser = argparse.ArgumentParser(prog="exportaws",
description="Extract AWS credentials for a profile as env variables.")
parser.add_argument("profile", help="profile name in ~/.aws/config.")
View keybase.md

Keybase proof

I hereby claim:

  • I am bortels on github.
  • I am bortels (https://keybase.io/bortels) on keybase.
  • I have a public key ASCeqIowRbUyNLDgN8_8rLFq3SvWbylbnVrd6j1d83q4bQo

To claim this, I am signing this object:

@bortels
bortels / ad_to_json
Last active Dec 17, 2016
take ldapsearch output and save big json blob
View ad_to_json
#!/usr/bin/env ruby
# Save all AD objects in a big json blob you can mess around with
require 'json'
require 'Open3'
require 'pry'
# replace below with correct AD server, baseDN, and bind account DN and password
cmd = "ldapsearch -E pr=1000/noprompt -xLLL " +
@bortels
bortels / chrome-cache-recovery.js
Last active Sep 19, 2015 — forked from whatnickcodes/chrome-cache-recovery.js
Quick and dirty script to recover images from chrome cache. Just paste this into your console to automatically download all Scotch.io cached images
View chrome-cache-recovery.js
// Open chrome://cache/ and paste the following script in the console. Feel free to edit the filter variable
var filter = /cask\.scotch\.io(.)*\.(jpg|jpeg|png|gif)/g;
/*! jQuery v2.1.4 | (c) 2005, 2015 jQuery Foundation, Inc. | jquery.org/license */
!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.document)throw new Error("jQuery requires a window with a document");return b(a)}:b(a)}("undefined"!=typeof window?window:this,function(a,b){var c=[],d=c.slice,e=c.concat,f=c.push,g=c.indexOf,h={},i=h.toString,j=h.hasOwnProperty,k={},l=a.document,m="2.1.4",n=function(a,b){return new n.fn.init(a,b)},o=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,p=/^-ms-/,q=/-([\da-z])/gi,r=function(a,b){return b.toUpperCase()};n.fn=n.prototype={jquery:m,constructor:n,selector:"",length:0,toArray:function(){return d.call(this)},get:function(a){return null!=a?0>a?this[a+this.length]:this[a]:d.call(this)},pushStack:function(a){var b=n.merge(this.constructor(),a);retu
@bortels
bortels / index.html
Last active Sep 18, 2015 — forked from jbeuckm/index.html
Hello, Three.js
View index.html
<html>
<head>
<title>My first Three.js app</title>
<style>
body {
margin: 0;
}
canvas {
width: 100%;
height: 100%
View blank.html
<!DOCTYPE html>
<meta charset="utf-8">
<html lang="en">
<head>
<script src="https://cdnjs.cloudflare.com/ajax/libs/d3/3.5.6/d3.min.js" charset="utf-8"></script>
</head>
<body>
<div id="main">
</div>
</body>
@bortels
bortels / logstash.conf
Created Jun 15, 2015
logstash configuration for https://github.com/pblittle/docker-logstash including syslog listener
View logstash.conf
input {
stdin {
type => "stdin-type"
}
file {
type => "logstash"
path => [ "/var/log/logstash/logstash.log" ]
start_position => "beginning"
@bortels
bortels / gist:d33bb54d2f98f9e5eb21
Last active Aug 29, 2015
Exposing a port on a running docker container
View gist:d33bb54d2f98f9e5eb21

So - that was just complex enough that it might be nice to document and share it.

So - I am using docker and --link to expose a redis database to only the apps that use it. Which (as of now) is fine, so long as those apps are on the same host. But - I wanted to use the redis 'slaveof' command to quickly replicate the data to another redis running on a different host. Yes - I could grab the db from disk, scp, and restore. But it's handy to be able to quickly spawn a new copy elsewhere. I could not simply restart the original redis container exposing ports, because it is prod with people reading/writing to it.

So - The solution that works is: Run a new container, exposing the port you want, linked to the original container - and use socat to bridge the internal link to the external port.

You can’t perform that action at this time.