Skip to content

Instantly share code, notes, and snippets.


Mitch Garnaat garnaat

View GitHub Profile
garnaat /
Created Oct 17, 2014
Find all untagged EC2 instances
import skew
for instance in skew.scan('arn:aws:ec2:*:*:instance/*'):
if not instance.tags:
print('%s is untagged' % instance.arn)
garnaat /
Last active Dec 12, 2020
Skew script to find all unattached EBS volumes
import skew
total_size = 0
total_volumes = 0
for volume in skew.scan('arn:aws:ec2:*:*:volume/*'):
if not['Attachments']:
total_volumes += 1
total_size +=['Size']
print('%s: %dGB' % (volume.arn,['Size']))
garnaat / gist:4123f1aefe7d65df9b48
Created Oct 15, 2014
A skew script to audit all security groups for non-whitelisted IP addresses
View gist:4123f1aefe7d65df9b48
import skew
# Add whitelisted CIDR blocks here, e.g.
# Any addresses not in this list will be flagged.
whitelist = []
for secgrp in skew.scan('arn:aws:ec2:*:*:security-group/*'):
for ipperms in['IpPermissions']:
for ip in ipperms['IpRanges']:
if ip['CidrIp'] not in whitelist:
garnaat / sdcustom
Created Apr 24, 2014
A click-based script to upload a custom metric to StackDriver
View sdcustom
#!/usr/bin/env python
import requests
import time
import json
import click
@click.option('--name', prompt='metric name',
help='the name of the custom metric', required=True)
garnaat / gist:10682964
Created Apr 14, 2014
Launch an AWS Web Console using credential from an IAM Role
View gist:10682964
#!/usr/bin/env python
Launch an AWS Web Console.
awsconsole launch --role=<role_arn> [--profile=<profile_name>]
launch - Launch the AWS Console in your default web browser with
the specified credentials. The console will be authenticated
garnaat /
Last active Aug 29, 2015
keybase identity proof

Keybase proof

I hereby claim:

  • I am garnaat on github.
  • I am garnaat ( on keybase.
  • I have a public key whose fingerprint is A6C2 33BA 6313 1605 6E70 1EE4 F2E1 4005 8CC6 80A4

To claim this, I am signing this object:

garnaat / gist:7921001
Created Dec 12, 2013
Find all instances with a tag name of "component" and then return just the Tags themselves.
View gist:7921001
aws ec2 describe-instances --filters Name=tag-key,Values=component --query 'Reservations[].Instances[].Tags'
garnaat / gist:7076677
Created Oct 20, 2013
Simple example of getting a snapshot and accessing its attributes.
View gist:7076677
import boto.ec2
ec2con = ec2.connect_to_region("us-west-1")
snap = ec2con.get_all_snapshots(['snap-3b82a650'])[0]
garnaat / gist:6675449
Last active Dec 23, 2015
Call EC2 DescribeInstances using botocore
View gist:6675449
import botocore.session
session = botocore.session.get_session()
ec2 = session.get_service('ec2')
operation = ec2.get_operation('DescribeInstances')
endpoint = ec2.get_endpoint('us-west-2')
# Calling with no parameters will return all instances
# associated with this account in this region.
http_response, data =
# You could also limit the results to only certain
garnaat / gist:5154413
Last active Dec 14, 2015
JSON policy file for launching EC2 instance from console.
View gist:5154413
"Statement": [
"Sid": "Stmt1363151440055",
"Action": [
"Effect": "Allow",