Gijs van Renswoude gbvanrenswoude

## convert.sh
python - <<EOF
from json2html import *
with open("report.json", "r") as f:
    with open("report.html", "w") as nf:
        nf.write(json2html.convert(json = f.read()))
EOF

## graph-out.sh
terraform graph | dot -Tsvg > graph.svg
inkscape -z -e frontofficev2.png -w 1000 -h 1000 graphg.svg

## alb-oidc.py
from aws_cdk import (
    core,
    aws_elasticloadbalancingv2 as elbv2,
    aws_secretsmanager as sm
)

[...]

secret_bundle = sm.Secret.from_secret_arn(
    self,

## requests-with-awssigv4.py
# Talk to an AWS IAM protected ElasticSearch cluster
# Since its pretty hard to resort for this kind of stuff to curl (or extentions on it) we use Python
# Also, since its bothersome to check for the correct credentials place (disk, env, metadata endpoint, containerdata endpoint)
# its better to just peel out SigV4Auth from botocore.auth
# pip3 install boto3 requests
import boto3
from botocore.auth import SigV4Auth
from botocore.awsrequest import AWSRequest
import requests, sys

## gist:9f50fc5a1a17876bbe0d857fec1a4bd3
from requests_aws4auth import AWS4Auth
import boto3
import requests

credentials = boto3.Session().get_credentials()
awsauth = AWS4Auth(credentials.access_key, credentials.secret_key, 'eu-central-1', 'es', session_token=credentials.token)

r = requests.get(url, auth=awsauth)

## grafana-dashboard-handler.py
import json
import os

import requests
from requests.structures import CaseInsensitiveDict

headers = {"Accept": "application/json","Content-Type": "application/json" ,"Authorization": "Bearer " + os.environ['grafana_pw']}

# package dashboard with on the fs since usually the string is too long
with open("dashboard.json") as file:

## proxy-wss-to-request-authorizer.ts
// Proxies https://github.com/ottokruse/aws-apigw-authorizer to function as a Custom Authorizer for AWS API Gatewayv2 Websocket Custom Authorizer when sending JWT tokens.
// Send your JWT token as a querystringparameter 't' in the connection url to your Websocket api
// or set your own querystringparameter name using process.env.webSocketQueryStringParameterName

import { ApiGatewayAuthorizer } from 'aws-apigw-authorizer';
import * as AWSLambda from 'aws-lambda';

const lambdaAuthorizer = new ApiGatewayAuthorizer({ policyBuilder: customPolicyBuilder });

// NOTE type checking seems off in the source, this does not return a AWSLambda.PolicyDocument, but we ignore it

## index.py
from schema.your_schema_openapiv3 import Event
from schema.your_schema_openapiv3 import AWSEvent
from schema.your_schema_openapiv3 import Marshaller
import json

def lambda_handler(event, context):
    """function

    Parameters
    ----------

## index.py
# Lets take a simple event
# and event.json is the jsonschema of it
# {
#   "administration": "YOURBACKOFFICECODE",
#   "personNumber": 1337
# }


import json
from logging import getLogger, INFO

## whoof.json
{
    "openapi": "3.0.1",
    "info": {
        "title": "fwhoof",
        "version": "2021-10-17T18:09:20Z"
    },
    "servers": [
        {
            "url": "https://whoof.corp"
        }
	python - <<EOF
	from json2html import *
	with open("report.json", "r") as f:
	with open("report.html", "w") as nf:
	nf.write(json2html.convert(json = f.read()))
	EOF
	terraform graph \| dot -Tsvg > graph.svg
	inkscape -z -e frontofficev2.png -w 1000 -h 1000 graphg.svg
	from aws_cdk import (
	core,
	aws_elasticloadbalancingv2 as elbv2,
	aws_secretsmanager as sm
	)

	[...]

	secret_bundle = sm.Secret.from_secret_arn(
	self,
	# Talk to an AWS IAM protected ElasticSearch cluster
	# Since its pretty hard to resort for this kind of stuff to curl (or extentions on it) we use Python
	# Also, since its bothersome to check for the correct credentials place (disk, env, metadata endpoint, containerdata endpoint)
	# its better to just peel out SigV4Auth from botocore.auth
	# pip3 install boto3 requests
	import boto3
	from botocore.auth import SigV4Auth
	from botocore.awsrequest import AWSRequest
	import requests, sys
	from requests_aws4auth import AWS4Auth
	import boto3
	import requests

	credentials = boto3.Session().get_credentials()
	awsauth = AWS4Auth(credentials.access_key, credentials.secret_key, 'eu-central-1', 'es', session_token=credentials.token)

	r = requests.get(url, auth=awsauth)
	import json
	import os

	import requests
	from requests.structures import CaseInsensitiveDict

	headers = {"Accept": "application/json","Content-Type": "application/json" ,"Authorization": "Bearer " + os.environ['grafana_pw']}

	# package dashboard with on the fs since usually the string is too long
	with open("dashboard.json") as file:
	// Proxies https://github.com/ottokruse/aws-apigw-authorizer to function as a Custom Authorizer for AWS API Gatewayv2 Websocket Custom Authorizer when sending JWT tokens.
	// Send your JWT token as a querystringparameter 't' in the connection url to your Websocket api
	// or set your own querystringparameter name using process.env.webSocketQueryStringParameterName

	import { ApiGatewayAuthorizer } from 'aws-apigw-authorizer';
	import * as AWSLambda from 'aws-lambda';

	const lambdaAuthorizer = new ApiGatewayAuthorizer({ policyBuilder: customPolicyBuilder });

	// NOTE type checking seems off in the source, this does not return a AWSLambda.PolicyDocument, but we ignore it
	from schema.your_schema_openapiv3 import Event
	from schema.your_schema_openapiv3 import AWSEvent
	from schema.your_schema_openapiv3 import Marshaller
	import json

	def lambda_handler(event, context):
	"""function

	Parameters
	----------
	# Lets take a simple event
	# and event.json is the jsonschema of it
	# {
	# "administration": "YOURBACKOFFICECODE",
	# "personNumber": 1337
	# }


	import json
	from logging import getLogger, INFO
	{
	"openapi": "3.0.1",
	"info": {
	"title": "fwhoof",
	"version": "2021-10-17T18:09:20Z"
	},
	"servers": [
	{
	"url": "https://whoof.corp"
	}