Skip to content

Instantly share code, notes, and snippets.

View jpbarto's full-sized avatar

Jason Barto jpbarto

25 followers · 1 following
View GitHub Profile
@jpbarto
jpbarto / Vagrantfile
Created May 6, 2016 08:48
Vagrantfile and docker-compose file for deploying HBase two different ways
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure(2) do |config|
config.vm.box = "blinkreaction/boot2docker"
config.vm.define "hbase" do |v|
v.vm.provision :docker do |d|
d.run "hbase",
@jpbarto
jpbarto / Vagrantfile
Last active May 9, 2016 09:30
Vagrantfile for the creation of a Docker host within either a local Virtualbox or a VSphere cloud environment
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure(2) do |config|
config.vm.box = "dummy"
config.vm.provider :virtualbox do |vbox, override|
override.vm.box = 'blinkreaction/boot2docker'
end
@jpbarto
jpbarto / gist:a2ad13f13bae20cd5472a9ae0c9889db
Created November 2, 2017 15:28
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
@jpbarto
jpbarto / IPManager-Lambda.py
Created November 2, 2017 15:33
'''
Copyright 2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the License. A copy of the License is located at
http://aws.amazon.com/apache2.0/
or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
'''
import logging
import boto3
from botocore.exceptions import ClientError
import hashlib
@jpbarto
jpbarto / IPManager-Event.json
Created November 2, 2017 15:39
{
"Records": [
{
"EventVersion": "1.0",
"EventSubscriptionArn": "arn:aws:sns:EXAMPLE",
"EventSource": "aws:sns",
"Sns": {
"SignatureVersion": "1",
"Timestamp": "1970-01-01T00:00:00.000Z",
"Signature": "EXAMPLE",
@jpbarto
jpbarto / IPEnforcer-Policy.json
Created November 2, 2017 16:05
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
@jpbarto
jpbarto / IPEnforcer-Lambda.py
Created November 2, 2017 16:08
#
# Ensure all EC2 Instances that do not have an 'exempt' tag value set are attached to any security groups that are tagged 'mandatory'
# Description: Checks that all EC2 instances that have a certain tag format also have a specific security group
#
import logging
import boto3
import json
import sys
@jpbarto
jpbarto / IPEnforcer-Test.json
Created November 2, 2017 16:10
{
"version": "0",
"id": "cbdd5653-b2b9-8c4e-c7de-bd6a0e879c9a",
"detail-type": "EC2 Instance State-change Notification",
"source": "aws.ec2",
"account": "776347453069",
"time": "2017-10-29T23:07:54Z",
"region": "ap-southeast-2",
"resources": [
"arn:aws:ec2:ap-southeast-2:776347453069:instance/i-0533ccc4be7f511af"
@jpbarto
jpbarto / AWS-Tooling.md
Last active December 13, 2017 23:37
Catalog of open source tools for managing AWS resources

AWS Tooling Catalog

The following is a living catalog of tools that I have found for managing AWS resources.

AWS Account Management

  • AWS-Daleks - A tool for purging everything (almost) in an AWS account
  • Cloud Custodian - Account governance tool built by Capital One
  • AWS-Tailor - Collection of Lambda functions for configuring new AWS accounts

AWS Security

@jpbarto
jpbarto / ElasticBeanstalkCustomPort-cloudformation.yaml
Created December 17, 2017 00:32
AWSTemplateFormatVersion: '2010-09-09'
Description: >
A sample ElasticBeanstalk cloudformation template that deploys a 2 (MinSize) cluster of PHP servers
behind an application load balancer listening on both port 80 and 8080. The ALB is placed (ideally)
into a set of public subnets with the PHP servers in private subnets.
Parameters:
ec2Subnets:
Type: List<AWS::EC2::Subnet::Id>
Description: Subnets for PHP servers