| #!/usr/bin/env python3 | |
| """ | |
| The following script demonstrates how to use the AWS Boto3 SDK to iterate through | |
| all of the users in an AWS Cognito User Pool and examine the events associated | |
| with each user. | |
| If any failed authentication events are found the script formats them as messages | |
| and logs them to CloudWatch logs. | |
| This script could easily be modified to run periodically as a Lambda function |
circumference of earth = 40075 km
speed of light = 299792.458 km / s
( circumference of earth ) / 2 ) / ( speed of light ) = seconds to travel from one side of globe to another
(40075 / 2) / (299792.458) = 0.0668 seconds
67 ms ideal travel time from one side of globe to another
| #!/usr/bin/python | |
| from datetime import datetime, timedelta | |
| import boto3 | |
| # region to query and what AWS credentials profile to use | |
| REGION = 'eu-west-2' | |
| PROFILE = 'default' | |
| MONTH_PERIOD = 3600 * 24 * 30 # ask CloudWatch to average over a 30 day |
| AWSTemplateFormatVersion: '2010-09-09' | |
| Description: > | |
| A sample ElasticBeanstalk cloudformation template that deploys a 2 (MinSize) cluster of PHP servers | |
| behind an application load balancer listening on both port 80 and 8080. The ALB is placed (ideally) | |
| into a set of public subnets with the PHP servers in private subnets. | |
| Parameters: | |
| ec2Subnets: | |
| Type: List<AWS::EC2::Subnet::Id> | |
| Description: Subnets for PHP servers |
The following is a living catalog of tools that I have found for managing AWS resources.
| { | |
| "version": "0", | |
| "id": "cbdd5653-b2b9-8c4e-c7de-bd6a0e879c9a", | |
| "detail-type": "EC2 Instance State-change Notification", | |
| "source": "aws.ec2", | |
| "account": "776347453069", | |
| "time": "2017-10-29T23:07:54Z", | |
| "region": "ap-southeast-2", | |
| "resources": [ | |
| "arn:aws:ec2:ap-southeast-2:776347453069:instance/i-0533ccc4be7f511af" |
| # | |
| # Ensure all EC2 Instances that do not have an 'exempt' tag value set are attached to any security groups that are tagged 'mandatory' | |
| # Description: Checks that all EC2 instances that have a certain tag format also have a specific security group | |
| # | |
| import logging | |
| import boto3 | |
| import json | |
| import sys |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "logs:CreateLogGroup", | |
| "logs:CreateLogStream", | |
| "logs:PutLogEvents" | |
| ], |
| { | |
| "Records": [ | |
| { | |
| "EventVersion": "1.0", | |
| "EventSubscriptionArn": "arn:aws:sns:EXAMPLE", | |
| "EventSource": "aws:sns", | |
| "Sns": { | |
| "SignatureVersion": "1", | |
| "Timestamp": "1970-01-01T00:00:00.000Z", | |
| "Signature": "EXAMPLE", |
| ''' | |
| Copyright 2016 Amazon.com, Inc. or its affiliates. All Rights Reserved. | |
| Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the License. A copy of the License is located at | |
| http://aws.amazon.com/apache2.0/ | |
| or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. | |
| ''' | |
| import logging | |
| import boto3 | |
| from botocore.exceptions import ClientError | |
| import hashlib |