Skip to content

Instantly share code, notes, and snippets.

View innyso's full-sized avatar

iso innyso

8 followers · 13 following
View GitHub Profile
@innyso
innyso / s3_bucket_encryption.md
Last active April 26, 2020 10:47
#aws #s3 #encryption #security

S3 Encryption

There are two ways where S3 can encrypt data at rest

Client-Side Encryption

Data are send and store as encrypted. During retrieval, encrypted data are retrieved and descrypt at the client side. This can be achieve with the use of AWS SDK and KMS or self managed secret

Server-Side Encryption

Data are send unencrypted to AWS via TLS, AWS ia responsible for encrypting and storing on disk. During retrieval, AWS retrieves encrypted data from disks decrypt it and send raw data back via TLS.

@innyso
innyso / community_collection_git_ignore.md
Created April 18, 2020 02:17
#git #gitignore #collection
@innyso
innyso / git_push_pull_current_branch.md
Last active April 26, 2020 11:10
#git #gitconfig #alias

It had been a habit of mine where I always do git pull/push origin [branchname] for years because I push to master by accident once years. This week, I decided its time to up my git game and did some research on how to make the current checkout branch as the default upstream to push or pull.

To push to current branch

This one is simple, just set global config push.default to current

git config --global push.default current 

# after that I can simply push to my current checkout branch without type origin branchname
git push
@innyso
innyso / gpg_cheatsheet.md
Last active April 12, 2020 11:06
#gpg #cheatsheet #cmd

generate gpg key

gpg --full-generate-key

To export your gpg public key

gpg --armor --export <personA@email.com | fingerprint>
@innyso
innyso / aws_readonly_extra_denied.md
Last active April 11, 2020 13:03
#aws #iam #security

AWS provided a managed policy called arn:aws:iam::aws:policy/IAMReadOnlyAccess which give readonly access to user for all aws resources. This is very useful in most cases, having said that sometimes extra denied rules are required for user who do not need to access/download data. Depending on the situation, we might want to loosen some of the denied rule, for example we might allow all user to Log:GetLogEvents to view logs in cloudwatch if we do not need to segregate logs access.

{
      "Version": "2012-10-17",
      "Statement": [
          {
              "Sid": "DenyData",
              "Effect": "Deny",
              "Action": [
@innyso
innyso / vim_registry.md
Last active April 11, 2020 12:42
#vim #register

vim has something called registers which is like spaces that allow us to store text information and allow us to access it using its identifier

default registers

  • + and * system clipboard
  • " unnamed register where everything last yank/delete will be there

numbered registers

  • vim automatic populate "0 to "9 where "0 is the latest yank/delete and the rest are the last 9 yank/delete

read only registry

@innyso
innyso / vim_paste_in_insert_mode.md
Last active May 9, 2020 11:50
#vim #paste #insertmode

vim offer

  • + or * to access system clipboard
  • " for the unnamed registry which is the last thing y or d

CTRL+r Insert the contents of a register in insert mode.

Hence we can do the following to

@innyso
innyso / linux_find_os_version.md
Last active April 12, 2020 11:06
#linux #cmd #os_version 
cat /etc/os-release
lsb_release -a
hostnamectl
@innyso
innyso / git_checkout_file_specific_sh.md
Created April 7, 2020 12:45
#git #checkout 
git checkout SHA <path/to/file>
@innyso
innyso / remove_all_fg_jobs.md
Last active April 18, 2020 02:19
#linux #cmd #fg #jobs 
jobs -p | grep -o -E '\s\d+\s' | xargs kill