Skip to content

Instantly share code, notes, and snippets.

View filipeandre's full-sized avatar

Filipe Ferreira filipeandre

  • 15:54 (UTC +01:00)
View GitHub Profile
@filipeandre
filipeandre / rollback_s3.sh
Created August 22, 2025 19:36
Restore s3 bucket to previous version before today
#!/usr/bin/env bash
set -euo pipefail
# Restore S3 objects updated today to their most recent version before today (Europe/Lisbon).
# Usage:
# ./restore.sh [--bucket BUCKET] [--yes] [--dry-run]
BUCKET=""
ASSUME_YES="false"
DRY_RUN="false"
@filipeandre
filipeandre / lb_trafic_report.py
Created August 22, 2025 15:17
Trafic report for load balancers
#!/usr/bin/env python3
"""
lb_traffic_report.py (human-friendly)
Enumerate all ALBs, NLBs, and CLBs in the current AWS account & region and fetch key
CloudWatch metrics for a given time window. Outputs a summary table (stdout) and
optionally writes a CSV.
Human-friendly improvements:
- Byte values shown using dynamic units (B/KB/MB/GB/TB) with 2 decimal places.
@filipeandre
filipeandre / count_alarms.py
Last active August 13, 2025 20:36
Count alarms based on -p suffix
#!/usr/bin/env python3
"""
Count AWS CloudWatch alarms:
- If three alarms exist with the same base name and end with p1, p2, p3 (e.g., foo-p1, foo-p2, foo-p3),
they count as 1 (a "triad").
- All other alarms are counted separately.
Usage:
python count_alarms.py [--region eu-west-1] [--role-arn arn:aws:iam::123456789012:role/RoleName]
"""
@filipeandre
filipeandre / A-create-external-kms.yaml
Last active August 13, 2025 16:45
AWS CloudFormation demonstration with **three stacks** showing end-to-end external KMS key creation, import, and usage,
AWSTemplateFormatVersion: '2010-09-09'
Description: >
Creates an EXTERNAL‑origin KMS key and retrieves import parameters (public key + import token)
via a Lambda-backed custom resource. Stores them in SSM Parameter Store (SecureString) and
outputs base64 values for use by Stack B.
Parameters:
AliasName:
Type: String
Default: 'ext/demo'
@filipeandre
filipeandre / delete-secrets.sh
Created August 13, 2025 08:46
Delete aws secrets without recovery
#!/usr/bin/env bash
if [ $# -eq 0 ]
then
echo "Usage: ./`basename "$0"` region secretN..."
exit 2
fi
for secret in "${@:2}"
do
@filipeandre
filipeandre / concurrent_lambda_executions.py
Created July 16, 2025 15:38
Force lambda concurrent executions quota increase
import boto3
import json
import multiprocessing
from botocore.exceptions import ClientError
function_name = "hello-world-quota-limit"
payload = {
"key1": "test-key1",
"key2": "test-key2",
"key3": "test-key3"
@filipeandre
filipeandre / create_temp_aws_credentials.py
Last active August 7, 2025 08:35
Temp AWS credentials
import boto3
import os
def export_temp_credentials():
session = boto3.Session()
credentials = session.get_credentials().get_frozen_credentials()
print(f'os.environ["AWS_ACCESS_KEY_ID"] = "{credentials.access_key}"')
print(f'os.environ["AWS_SECRET_ACCESS_KEY"] = "{credentials.secret_key}"')
@filipeandre
filipeandre / admin_iam_external.py
Created June 25, 2025 01:09
Python script to automate the external AWS account setup for IAM Identity Center SAML federation, granting AdministratorAcces
import boto3
import json
# --- CONFIGURATION ---
SAML_PROVIDER_NAME = "IAMIdentityCenterProvider" # must already exist
ROLE_NAME = "SAMLAdminAccessRole"
POLICY_NAME = "SAMLAdministratorAccessPolicy"
POLICY_DESCRIPTION = "Full admin access for SAML federated users"
USE_MANAGED_ADMIN_POLICY = True # set False to use a custom inline policy
@filipeandre
filipeandre / clone_deleted_stack.sh
Last active June 19, 2025 00:47
Clone delete stack
#!/bin/bash
# Usage:
# ./clone_deleted_stack.sh <stack-id-or-name> [new-stack-name] [optional-role-arn]
set -euo pipefail
INPUT_ID="${1:-}"
NEW_STACK_NAME="${2:-}"
ROLE_ARN="${3:-}"
@filipeandre
filipeandre / extract_excel_info.py
Last active May 15, 2025 22:20
Excel Table Data Extractor
import boto3
import tempfile
import os
import sys
from urllib.parse import urlparse
import openpyxl
def parse_s3_uri(s3_uri):
parsed = urlparse(s3_uri)
bucket = parsed.netloc