This is a list of controls that can be placed into an IAM policy document. All content comes from AWS documentation.
Something wrong? Try looking here.
Table of Contents generated with DocToc
#!/bin/bash -x | |
exec > /tmp/user-data.log 2>&1 | |
mkdir -p /var/spool/rsyslog | |
( | |
mkdir -p /etc/rsyslog.d/keys/ca.d | |
cd /etc/rsyslog.d/keys/ca.d | |
curl -O https://logdog.loggly.com/media/logs-01.loggly.com_sha12.crt |
#!/usr/bin/env python | |
"""Convert CSV policies into AWS JSON format.""" | |
import json | |
import csv | |
POLICIES = 'terraform.csv' | |
CRUD_COL = 2 | |
ACTION_COL = 3 |
var async = require('async'); | |
async.waterfall( | |
[ | |
function(callback) { | |
callback(null, 'Yes', 'it'); | |
}, | |
function(arg1, arg2, callback) { | |
var caption = arg1 +' and '+ arg2; | |
callback(null, caption); |
Sometimes you want to retrieve EC2 insntances' region information.
You can query that information through instance metadata(169.254.169.254).
$ curl --silent http://169.254.169.254/latest/dynamic/instance-identity/document
{
"privateIp" : "172.31.2.15",
"instanceId" : "i-12341ee8",
"billingProducts" : null,
"instanceType" : "t2.small",
### KERNEL TUNING ### | |
# Increase size of file handles and inode cache | |
fs.file-max = 2097152 | |
# Do less swapping | |
vm.swappiness = 10 | |
vm.dirty_ratio = 60 | |
vm.dirty_background_ratio = 2 |
{ | |
"Statement": [ | |
{ | |
"Sid": "PackerSecurityGroupAccess", | |
"Action": [ | |
"ec2:CreateSecurityGroup", | |
"ec2:DeleteSecurityGroup", | |
"ec2:DescribeSecurityGroups", | |
"ec2:AuthorizeSecurityGroupIngress", | |
"ec2:RevokeSecurityGroupIngress" |
Latency Comparison Numbers (~2012) | |
---------------------------------- | |
L1 cache reference 0.5 ns | |
Branch mispredict 5 ns | |
L2 cache reference 7 ns 14x L1 cache | |
Mutex lock/unlock 25 ns | |
Main memory reference 100 ns 20x L2 cache, 200x L1 cache | |
Compress 1K bytes with Zippy 3,000 ns 3 us | |
Send 1K bytes over 1 Gbps network 10,000 ns 10 us | |
Read 4K randomly from SSD* 150,000 ns 150 us ~1GB/sec SSD |