Skip to content

Instantly share code, notes, and snippets.

Avatar

Mitch Garnaat garnaat

View GitHub Profile
@garnaat
garnaat / untagged_instances.py
Created Oct 17, 2014
Find all untagged EC2 instances
View untagged_instances.py
import skew
for instance in skew.scan('arn:aws:ec2:*:*:instance/*'):
if not instance.tags:
print('%s is untagged' % instance.arn)
@garnaat
garnaat / lost_volumes.py
Last active Dec 9, 2015
Skew script to find all unattached EBS volumes
View lost_volumes.py
import skew
total_size = 0
total_volumes = 0
for volume in skew.scan('arn:aws:ec2:*:*:volume/*'):
if not volume.data['Attachments']:
total_volumes += 1
total_size += volume.data['Size']
print('%s: %dGB' % (volume.arn, volume.data['Size']))
@garnaat
garnaat / gist:4123f1aefe7d65df9b48
Created Oct 15, 2014
A skew script to audit all security groups for non-whitelisted IP addresses
View gist:4123f1aefe7d65df9b48
import skew
# Add whitelisted CIDR blocks here, e.g. 192.168.1.1/32.
# Any addresses not in this list will be flagged.
whitelist = []
for secgrp in skew.scan('arn:aws:ec2:*:*:security-group/*'):
for ipperms in secgrp.data['IpPermissions']:
for ip in ipperms['IpRanges']:
if ip['CidrIp'] not in whitelist:
@garnaat
garnaat / sdcustom
Created Apr 24, 2014
A click-based script to upload a custom metric to StackDriver
View sdcustom
#!/usr/bin/env python
import requests
import time
import json
import click
@click.command()
@click.option('--name', prompt='metric name',
help='the name of the custom metric', required=True)
@garnaat
garnaat / gist:10682964
Created Apr 14, 2014
Launch an AWS Web Console using credential from an IAM Role
View gist:10682964
#!/usr/bin/env python
"""
Launch an AWS Web Console.
Usage:
awsconsole launch --role=<role_arn> [--profile=<profile_name>]
Commands:
launch - Launch the AWS Console in your default web browser with
the specified credentials. The console will be authenticated
@garnaat
garnaat / keybase.md
Last active Aug 29, 2015
keybase identity proof
View keybase.md

Keybase proof

I hereby claim:

  • I am garnaat on github.
  • I am garnaat (https://keybase.io/garnaat) on keybase.
  • I have a public key whose fingerprint is A6C2 33BA 6313 1605 6E70 1EE4 F2E1 4005 8CC6 80A4

To claim this, I am signing this object:

@garnaat
garnaat / gist:7921001
Created Dec 12, 2013
Find all instances with a tag name of "component" and then return just the Tags themselves.
View gist:7921001
aws ec2 describe-instances --filters Name=tag-key,Values=component --query 'Reservations[].Instances[].Tags'
@garnaat
garnaat / gist:7076677
Created Oct 20, 2013
Simple example of getting a snapshot and accessing its attributes.
View gist:7076677
import boto.ec2
ec2con = ec2.connect_to_region("us-west-1")
snap = ec2con.get_all_snapshots(['snap-3b82a650'])[0]
print(snap.id)
print(snap.volume_id)
print(snap.status)
print(snap.start_time)
print(snap.owner_id)
print(snap.volume_size)
@garnaat
garnaat / gist:6675449
Last active Dec 23, 2015
Call EC2 DescribeInstances using botocore
View gist:6675449
import botocore.session
session = botocore.session.get_session()
ec2 = session.get_service('ec2')
operation = ec2.get_operation('DescribeInstances')
endpoint = ec2.get_endpoint('us-west-2')
# Calling with no parameters will return all instances
# associated with this account in this region.
http_response, data = operation.call(endpoint)
# You could also limit the results to only certain
@garnaat
garnaat / gist:5154413
Last active Dec 14, 2015
JSON policy file for launching EC2 instance from console.
View gist:5154413
{
"Statement": [
{
"Sid": "Stmt1363151440055",
"Action": [
"iam:ListInstanceProfiles",
"iam:ListRoles",
"iam:PassRole"
],
"Effect": "Allow",
You can’t perform that action at this time.