Calum Hunter calum-github
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| These are the scripts from the JavaEssentials.pkg |
calum-github
/ firewall_bonus.tf
Created
May 20, 2021 05:29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Allow incoming access to our instance via | |
| ## port 22, from the IAP servers | |
| resource "google_compute_firewall" "inbound-ip-ssh" { | |
| name = "allow-incoming-access-from-iap" | |
| project = var.project_id | |
| network = "default" | |
| direction = "INGRESS" | |
| allow { | |
| protocol = "tcp" |
calum-github
/ iam_compute.tf
Created
May 20, 2021 05:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Define the required roles to access the VM | |
| locals { | |
| compute_roles = [ | |
| "roles/compute.viewer", | |
| "roles/compute.osLogin", | |
| ] | |
| } | |
| # Apply the roles to a user account | |
| resource "google_project_iam_member" "assign-roles" { |
calum-github
/ iam.tf
Created
May 20, 2021 04:34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create a conditional IAM rule that grants access to establish an IAP tunnel | |
| # IF the user is connecting from an authorised network defined in the access | |
| # list | |
| resource "google_iap_tunnel_iam_member" "allow-remote-access-to-iap" { | |
| project = "<your-project-id>" | |
| role = "roles/iap.tunnelResourceAccessor" | |
| member = "user:calum.hunter@the.cloud" | |
| condition { | |
| title = "allow_remote_access_to_iap" |
calum-github
/ access_level.tf
Created
May 20, 2021 04:29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Creates an Access Level | |
| # This access level will be used in | |
| # a conditional IAM policy to restrict access | |
| # to authorised users coming from authorised networks | |
| resource "google_access_context_manager_access_level" "access-level" { | |
| parent = "accessPolicies/<access-policy-id>" | |
| name = "accessPolicies/<access-policy-id>/accessLevels/<my_access_level_name>" | |
| title = "secure-iap-access-level" | |
| description = "This access level lists the authorised network addresses" |
calum-github
/ firewall.tf
Created
May 20, 2021 04:06
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Allow incoming access to our instance via | |
| ## port 22, from the IAP servers | |
| resource "google_compute_firewall" "inbound-ip-ssh" { | |
| name = "allow-incoming-ssh-from-iap" | |
| project = var.project_id | |
| network = "default" | |
| direction = "INGRESS" | |
| allow { | |
| protocol = "tcp" |
calum-github
/ vm.tf
Created
May 20, 2021 04:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create an instance | |
| resource "google_compute_instance" "my-instance" { | |
| project = var.project_id | |
| name = "my-instance-01" | |
| machine_type = "e2-standard-2" | |
| zone = var.zone | |
| boot_disk { | |
| initialize_params { | |
| image = "debian-cloud/debian-9" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ######################################################################## | |
| # Author: Calum Hunter # | |
| # Date: 21/12/2016 # | |
| # Version: 0.7 # | |
| # Purpose: Fusion Drive Detection and general HD formatting before # | |
| # imaging tasks. # | |
| # # | |
| ######################################################################## |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Author: Calum Hunter | |
| # Date: 28/11/2016 | |
| # Version: 1.0 | |
| # Purpose: To generate a Mac UID from the objectGUID attribute | |
| # (GeneratedUID) in AD. | |
| # This uses the same method that the Apple | |
| # AD Plugin uses |
calum-github
/ gist:6ea1c80d31568dcd114367e864c3f3f1
Created
February 28, 2019 23:26
Route53 Terraform example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Manage DNS | |
| // Create a private route53 zone | |
| resource "aws_route53_zone" "this" { | |
| name = "${var.dns_zone_name}" | |
| vpc_id = "${var.vpc_id}" | |
| } | |
| // Create a dns record for the jenkins master private ip | |
| resource "aws_route53_record" "master" { | |
| zone_id = "${aws_route53_zone.this.id}" |
NewerOlder