Callum Gardner ctgardner

## aws-control-tower-guardrails.csv

          
            Guidance
            Behaviour
            Description
            Link

            
              Mandatory
              Preventive
              Disallow Changes to Encryption Configuration for AWS Control Tower Created Amazon S3 Buckets in Log Archive
              https://docs.aws.amazon.com/controltower/latest/userguide/mandatory-guardrails.html#disallow-changes-s3-buckets-created

            
              Mandatory
              Preventive
              Disallow Changes to Logging Configuration for AWS Control Tower Created Amazon S3 Buckets in Log Archive
              https://docs.aws.amazon.com/controltower/latest/userguide/mandatory-guardrails.html#disallow-logging-changes-s3-buckets-created

            
              Mandatory
              Preventive
              Disallow Changes to Bucket Policy for AWS Control Tower Created Amazon S3 Buckets in Log Archive
              https://docs.aws.amazon.com/controltower/latest/userguide/mandatory-guardrails.html#disallow-policy-changes-s3-buckets-created

            
              Mandatory
              Preventive
              Disallow Changes to Lifecycle Configuration for AWS Control Tower Created Amazon S3 Buckets in Log Archive
              https://docs.aws.amazon.com/controltower/latest/userguide/mandatory-guardrails.html#disallow-lifecycle-c

## logentries.cloudformation.yml
AWSTemplateFormatVersion: 2010-09-09

Parameters:
  LogGroupName:
    Type: String
  LogentriesLogToken:
    Type: String
    NoEcho: true

Resources:

## useful_bash_commands.md

      
              1 file
            
          
              1 fork
            
          
              0 comments
            
          
              0 stars
            
          
                ctgardner
                / useful_bash_commands.md
            
            
              Last active
              June 10, 2023 04:59
            
              
                Useful Bash Commands
              
          
    Prompt Manipulation

Cursor Movement

Move the cursor to Destination.


Command
Destination


Ctrl + a
Start of line


Ctrl + e
End of line


## export_assumed_role.sh
#!/bin/bash

# usage: $ `aws sts assume-role --role-arn <arn> --role-session-name <session-name> | ./export_assumed_role.sh`

cat $1 | jq '.Credentials' | jq -r '.AccessKeyId, .SecretAccessKey, .SessionToken' | {
	read -r access_key;
	read -r secret_key;
	read -r session_token;

	echo "export AWS_ACCESS_KEY_ID=$access_key";

## cf-stacks-filter-by-status.sh
# List delete stacks:

aws cloudformation list-stacks --stack-status-filter DELETE_COMPLETE

# Or:

aws cloudformation list-stacks --query "StackSummaries[?StackStatus == 'DELETE_COMPLETE']"

# List all stacks, excluding deleted stacks

## cf-stack-events-filter-by-status.sh
aws cloudformation describe-stack-events --stack-name my-stack --query "StackEvents[?ResourceStatus == 'CREATE_FAILED']"

# Resource statuses (2019-03-19):
# https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-describing-stacks.html

# CREATE_COMPLETE
# CREATE_FAILED
# CREATE_IN_PROGRESS

# DELETE_COMPLETE

## export_aws_profile.sh
#!/bin/bash

# usage: $ `./export_aws_profile.sh my-profile`

profile=$1

echo "export AWS_ACCESS_KEY_ID=$(aws configure get $profile.aws_access_key_id)"
echo "export AWS_SECRET_ACCESS_KEY=$(aws configure get $profile.aws_secret_access_key)"
echo "export AWS_DEFAULT_REGION=$(aws configure get $profile.region)"

## gist:18e078b55ed2ebb391f7d17b3ecc9696
# problem
objc[21657]: +[__NSPlaceholderDate initialize] may have been in progress in another thread when fork() was called.
objc[21657]: +[__NSPlaceholderDate initialize] may have been in progress in another thread when fork() was called. We cannot safely call it or ignore it in the fork() child process. Crashing instead. Set a breakpoint on objc_initializeAfterForkError to debug.

# solution (https://github.com/ansible/ansible/issues/31869)
export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES

## JsonSchema.js
/*
  Shamelessly stolen from https://github.com/tdegrunt/jsonschema/issues/184#issue-173862957 and improved by @micheal-hill

  DISCLAIMER: Use at own risk.
*/

type JsonSchema = {|
    +id?: string;
    +$schema?: string;
    +title?: string;

## mockingES6InstanceMethodsWithJest.js
// MyClass/index.js
export class MyClass {
  foo() { /* do something */ }
}

// DependentClass/index.js
import { MyClass } from "../MyClass"
export class DependentClass {
  bar() {
    const foo = new MyClass().foo()
Guidance	Behaviour	Description	Link
Mandatory	Preventive	Disallow Changes to Encryption Configuration for AWS Control Tower Created Amazon S3 Buckets in Log Archive	https://docs.aws.amazon.com/controltower/latest/userguide/mandatory-guardrails.html#disallow-changes-s3-buckets-created
Mandatory	Preventive	Disallow Changes to Logging Configuration for AWS Control Tower Created Amazon S3 Buckets in Log Archive	https://docs.aws.amazon.com/controltower/latest/userguide/mandatory-guardrails.html#disallow-logging-changes-s3-buckets-created
Mandatory	Preventive	Disallow Changes to Bucket Policy for AWS Control Tower Created Amazon S3 Buckets in Log Archive	https://docs.aws.amazon.com/controltower/latest/userguide/mandatory-guardrails.html#disallow-policy-changes-s3-buckets-created
Mandatory	Preventive	Disallow Changes to Lifecycle Configuration for AWS Control Tower Created Amazon S3 Buckets in Log Archive	https://docs.aws.amazon.com/controltower/latest/userguide/mandatory-guardrails.html#disallow-lifecycle-c
	AWSTemplateFormatVersion: 2010-09-09

	Parameters:
	LogGroupName:
	Type: String
	LogentriesLogToken:
	Type: String
	NoEcho: true

	Resources:
	#!/bin/bash

	# usage: $ `aws sts assume-role --role-arn <arn> --role-session-name <session-name> \| ./export_assumed_role.sh`

	cat $1 \| jq '.Credentials' \| jq -r '.AccessKeyId, .SecretAccessKey, .SessionToken' \| {
	read -r access_key;
	read -r secret_key;
	read -r session_token;

	echo "export AWS_ACCESS_KEY_ID=$access_key";
	# List delete stacks:

	aws cloudformation list-stacks --stack-status-filter DELETE_COMPLETE

	# Or:

	aws cloudformation list-stacks --query "StackSummaries[?StackStatus == 'DELETE_COMPLETE']"

	# List all stacks, excluding deleted stacks
	aws cloudformation describe-stack-events --stack-name my-stack --query "StackEvents[?ResourceStatus == 'CREATE_FAILED']"

	# Resource statuses (2019-03-19):
	# https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-describing-stacks.html

	# CREATE_COMPLETE
	# CREATE_FAILED
	# CREATE_IN_PROGRESS

	# DELETE_COMPLETE
	#!/bin/bash

	# usage: $ `./export_aws_profile.sh my-profile`

	profile=$1

	echo "export AWS_ACCESS_KEY_ID=$(aws configure get $profile.aws_access_key_id)"
	echo "export AWS_SECRET_ACCESS_KEY=$(aws configure get $profile.aws_secret_access_key)"
	echo "export AWS_DEFAULT_REGION=$(aws configure get $profile.region)"
	# problem
	objc[21657]: +[__NSPlaceholderDate initialize] may have been in progress in another thread when fork() was called.
	objc[21657]: +[__NSPlaceholderDate initialize] may have been in progress in another thread when fork() was called. We cannot safely call it or ignore it in the fork() child process. Crashing instead. Set a breakpoint on objc_initializeAfterForkError to debug.

	# solution (https://github.com/ansible/ansible/issues/31869)
	export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES
	/*
	Shamelessly stolen from https://github.com/tdegrunt/jsonschema/issues/184#issue-173862957 and improved by @micheal-hill

	DISCLAIMER: Use at own risk.
	*/

	type JsonSchema = {\|
	+id?: string;
	+$schema?: string;
	+title?: string;
	// MyClass/index.js
	export class MyClass {
	foo() { /* do something */ }
	}

	// DependentClass/index.js
	import { MyClass } from "../MyClass"
	export class DependentClass {
	bar() {
	const foo = new MyClass().foo()