Skip to content

Instantly share code, notes, and snippets.

Mitch Garnaat garnaat

Block or report user

Report or block garnaat

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@garnaat
garnaat / untagged_instances.py
Created Oct 17, 2014
Find all untagged EC2 instances
View untagged_instances.py
import skew
for instance in skew.scan('arn:aws:ec2:*:*:instance/*'):
if not instance.tags:
print('%s is untagged' % instance.arn)
@garnaat
garnaat / lost_volumes.py
Last active Dec 9, 2015
Skew script to find all unattached EBS volumes
View lost_volumes.py
import skew
total_size = 0
total_volumes = 0
for volume in skew.scan('arn:aws:ec2:*:*:volume/*'):
if not volume.data['Attachments']:
total_volumes += 1
total_size += volume.data['Size']
print('%s: %dGB' % (volume.arn, volume.data['Size']))
@garnaat
garnaat / gist:4123f1aefe7d65df9b48
Created Oct 15, 2014
A skew script to audit all security groups for non-whitelisted IP addresses
View gist:4123f1aefe7d65df9b48
import skew
# Add whitelisted CIDR blocks here, e.g. 192.168.1.1/32.
# Any addresses not in this list will be flagged.
whitelist = []
for secgrp in skew.scan('arn:aws:ec2:*:*:security-group/*'):
for ipperms in secgrp.data['IpPermissions']:
for ip in ipperms['IpRanges']:
if ip['CidrIp'] not in whitelist:
@garnaat
garnaat / sdcustom
Created Apr 24, 2014
A click-based script to upload a custom metric to StackDriver
View sdcustom
#!/usr/bin/env python
import requests
import time
import json
import click
@click.command()
@click.option('--name', prompt='metric name',
help='the name of the custom metric', required=True)
@garnaat
garnaat / gist:10682964
Created Apr 14, 2014
Launch an AWS Web Console using credential from an IAM Role
View gist:10682964
#!/usr/bin/env python
"""
Launch an AWS Web Console.
Usage:
awsconsole launch --role=<role_arn> [--profile=<profile_name>]
Commands:
launch - Launch the AWS Console in your default web browser with
the specified credentials. The console will be authenticated
@garnaat
garnaat / keybase.md
Last active Aug 29, 2015
keybase identity proof
View keybase.md

Keybase proof

I hereby claim:

  • I am garnaat on github.
  • I am garnaat (https://keybase.io/garnaat) on keybase.
  • I have a public key whose fingerprint is A6C2 33BA 6313 1605 6E70 1EE4 F2E1 4005 8CC6 80A4

To claim this, I am signing this object:

@garnaat
garnaat / gist:7921001
Created Dec 12, 2013
Find all instances with a tag name of "component" and then return just the Tags themselves.
View gist:7921001
aws ec2 describe-instances --filters Name=tag-key,Values=component --query 'Reservations[].Instances[].Tags'
@garnaat
garnaat / gist:7076677
Created Oct 20, 2013
Simple example of getting a snapshot and accessing its attributes.
View gist:7076677
import boto.ec2
ec2con = ec2.connect_to_region("us-west-1")
snap = ec2con.get_all_snapshots(['snap-3b82a650'])[0]
print(snap.id)
print(snap.volume_id)
print(snap.status)
print(snap.start_time)
print(snap.owner_id)
print(snap.volume_size)
@garnaat
garnaat / gist:6675449
Last active Dec 23, 2015
Call EC2 DescribeInstances using botocore
View gist:6675449
import botocore.session
session = botocore.session.get_session()
ec2 = session.get_service('ec2')
operation = ec2.get_operation('DescribeInstances')
endpoint = ec2.get_endpoint('us-west-2')
# Calling with no parameters will return all instances
# associated with this account in this region.
http_response, data = operation.call(endpoint)
# You could also limit the results to only certain
@garnaat
garnaat / gist:5154413
Last active Dec 14, 2015
JSON policy file for launching EC2 instance from console.
View gist:5154413
{
"Statement": [
{
"Sid": "Stmt1363151440055",
"Action": [
"iam:ListInstanceProfiles",
"iam:ListRoles",
"iam:PassRole"
],
"Effect": "Allow",
You can’t perform that action at this time.