Don Capito dcloud9

## gist:80ff5d3bd3c70408a6f65a6020d8e1a4
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowListBucket",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::<aws-account-id>:role/aws-reserved/sso.amazonaws.com/AWSReservedSSO_AWSReadOnlyAccess_abcde12345..."
            },
            "Action": "s3:ListBucket",

## gist:b41e1c2d69ced9377b9afd21dbe8e1c5
#! /usr/bin/env bash
# Get all roles attached to all service accounts, users, groups per project per environment in GCP
# Dependencies: Create and auth GCP named config using $gcloud config configurations create <env>|<named config>
# Requires: gcloud, jq
set -e

ENVLIS="dev tst stg prd"
PROJECTLIST="/tmp/projects"
SALIST="/tmp/sa"
TIMESTAMP=$(date "+%Y%m%d%H%M")

## EC2-StackPolicy-for-Updates
#! /bin/bash -e
#-----
# Pre-reqs: AWSCLI tool (python, pip) installed and configured. -DC 28.1.15
# v1.1: Added parameter/value checks. -DC 23.2.15
#-----
StackName=$1
Profile=$3
Creds=$HOME/.aws/credentials

[ $# -lt 3 ] && (echo "Usage: $0 <stack-name> {on|off} <profile>"; exit 1)

## stripdown-debian.sh
#! /bin/bash
# Should be run on a vanilla Debian install.
# This script will strip it down to bare minimum and yet bootable distro.

# Simulated run onlyi (--simulate). Uncomment this and Comment out the "Real Deal".
#apt-get --simulate purge $(dpkg-query -Wf '${Package;-40}${Essential}${Priority}\n'|awk '$2 ~ /nooptional|noextra/ {print $1}'|grep -v -E 'anacron|busybox|initramfs-tools|insserv|klibc-utils|libklibc|libsemanage-common|libsemanage1|libustr-1.0-1|libuuid-perl|linux-base|linux-image')

# Real deal.
apt-get purge $(dpkg-query -Wf '${Package;-40}${Essential}${Priority}\n'|awk '$2 ~ /nooptional|noextra/ {print $1}'|grep -v -E 'anacron|busybox|initramfs-tools|insserv|klibc-utils|libklibc|libsemanage-common|libsemanage1|libustr-1.0-1|libuuid-perl|linux-base|linux-image')
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Sid": "AllowListBucket",
	"Effect": "Allow",
	"Principal": {
	"AWS": "arn:aws:iam::<aws-account-id>:role/aws-reserved/sso.amazonaws.com/AWSReservedSSO_AWSReadOnlyAccess_abcde12345..."
	},
	"Action": "s3:ListBucket",
	#! /usr/bin/env bash
	# Get all roles attached to all service accounts, users, groups per project per environment in GCP
	# Dependencies: Create and auth GCP named config using $gcloud config configurations create <env>\|<named config>
	# Requires: gcloud, jq
	set -e

	ENVLIS="dev tst stg prd"
	PROJECTLIST="/tmp/projects"
	SALIST="/tmp/sa"
	TIMESTAMP=$(date "+%Y%m%d%H%M")
	#! /bin/bash -e
	#-----
	# Pre-reqs: AWSCLI tool (python, pip) installed and configured. -DC 28.1.15
	# v1.1: Added parameter/value checks. -DC 23.2.15
	#-----
	StackName=$1
	Profile=$3
	Creds=$HOME/.aws/credentials

	[ $# -lt 3 ] && (echo "Usage: $0 <stack-name> {on\|off} <profile>"; exit 1)
	#! /bin/bash
	# Should be run on a vanilla Debian install.
	# This script will strip it down to bare minimum and yet bootable distro.

	# Simulated run onlyi (--simulate). Uncomment this and Comment out the "Real Deal".
	#apt-get --simulate purge $(dpkg-query -Wf '${Package;-40}${Essential}${Priority}\n'\|awk '$2 ~ /nooptional\|noextra/ {print $1}'\|grep -v -E 'anacron\|busybox\|initramfs-tools\|insserv\|klibc-utils\|libklibc\|libsemanage-common\|libsemanage1\|libustr-1.0-1\|libuuid-perl\|linux-base\|linux-image')

	# Real deal.
	apt-get purge $(dpkg-query -Wf '${Package;-40}${Essential}${Priority}\n'\|awk '$2 ~ /nooptional\|noextra/ {print $1}'\|grep -v -E 'anacron\|busybox\|initramfs-tools\|insserv\|klibc-utils\|libklibc\|libsemanage-common\|libsemanage1\|libustr-1.0-1\|libuuid-perl\|linux-base\|linux-image')