Skip to content

Instantly share code, notes, and snippets.

Avatar

Kinnaird McQuade kmcquade

View GitHub Profile
@kmcquade
kmcquade / test-cloud-init-run.sh
Created Jun 7, 2018 — forked from maoueh/test-cloud-init-run.sh
Small script to test changes made to cloud init config without rebooting
View test-cloud-init-run.sh
rm -rf /var/lib/cloud/instance && rm -rf /var/lib/cloud/instances/* && rm -rf /var/lib/cloud/sem/*
cloud-init init && cloud-init modules --mode config && cloud-init modules --mode final
@kmcquade
kmcquade / kms-vault
Created Jul 25, 2018 — forked from hassy/kms-vault
Encrypt/decrypt files using AWS KMS
View kms-vault
#!/usr/bin/env bash
# License: MIT - https://opensource.org/licenses/MIT
#
# Usage:
#
# Encrypt a file:
# kms-vault encrypt My-Key-Alias some-file-i-want-encrypted.txt > topsecret.asc
#
@kmcquade
kmcquade / iam-terraform-create-policy.tf
Created Jul 31, 2018 — forked from arsdehnel/iam-terraform-create-policy.tf
AWS IAM policies for running Terraform from an EC2 instance.
View iam-terraform-create-policy.tf
resource "aws_iam_policy" "terraform_create_policy" {
name = "terraform_create_policy"
path = "/"
policy = "${data.aws_iam_policy_document.terraform_create_policy.json}"
}
data "aws_iam_policy_document" "terraform_create_policy" {
statement {
sid = "1"
actions = [
@kmcquade
kmcquade / grow-root.service
Created Aug 26, 2018 — forked from jdeathe/grow-root.service
CentOS-7 Systemd Unit File to Grow the Root LVM Disk on AWS EC2 Instances with an ext4 File System.
View grow-root.service
# To install:
# sudo cat grow-root.service > /etc/systemd/system/grow-root.service
# sudo systemctl daemon-reload
# sudo systemctl enable -f grow-root.service
#
# Start (auto disables after first successful expansion):
# sudo systemctl start grow-root.service
#
# Debugging:
# sudo systemctl status grow-root.service
View gist:a536053660a1933640b142f15c8a8db4
#/bin/bash
trap exit INT
INSTANCES=$( aws ec2 describe-instances --query 'Reservations[].Instances[].InstanceId[]' | sed -e 's/\[//g' -e 's/\]//g')
SUM=0
echo $INSTANCES
for i in $( echo $INSTANCES | sed -e 's/"//g' -e 's/,//g' -e 's/\[//g' -e 's/\]//g' ) ;do
echo "---------------------------$i-------------------------------\n"
aws ec2 describe-instances --instance-ids $i --query 'Reservations[].Instances[].Tags[?Key==`Name`].Value' --output text
aws ec2 describe-instance-attribute --instance-id $( echo $i | sed -e 's/"//g' -e 's/,//' -e 's/\[//g' -e 's/\]//g' ) --attribute userData \
| jq '.UserData.Value' | sed 's/"//g' | base64 --decode
@kmcquade
kmcquade / restricted-psp.yaml
Created Oct 30, 2018 — forked from tallclair/restricted-psp.yaml
Restricted PodSecurityPolicy
View restricted-psp.yaml
apiVersion: extensions/v1beta1
kind: PodSecurityPolicy
metadata:
name: restricted
annotations:
seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default'
apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default'
seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'
apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
spec:
View README.md

CloudFormation -> Terraform Import Helpers

I wrote these scripts to help faciliate batch import of our CloudFormation templates into Terraform Configuration.

region-batch.sh

This script is a light wrapper around batch.sh. It simply iterates over the list of regions provided, exports expected variables, creates required directories, and calls batch.sh.

BASE_DIR=/path/to/dir EXCLUDE_REGEX="(some-stack-production|some-stack-staging)" ./region-batch.sh us-east-1 us-west-1
@kmcquade
kmcquade / cloud-config.yml
Created Dec 24, 2018 — forked from justinsoliz/cloud-config.yml
Terraform definition for Jenkins with ECS, EFS, CoreOS
View cloud-config.yml
#cloud-config
write-files:
- path: /etc/conf.d/nfs
permissions: '0644'
content: |
OPTS_RPC_MOUNTD=""
coreos:
units:
- name: update-engine.service
@kmcquade
kmcquade / copy-ssm-parameters
Created Feb 28, 2019 — forked from mvanholsteijn/copy-ssm-parameters
script to copy all SSM parameter store parameters to disk
View copy-ssm-parameters
#!/usr/bin/env python
#
# copy all SSM parameter store parameters to disk
#
import os, sys, argparse, boto3
parser = argparse.ArgumentParser(description='copy all parameter values to local')
parser.add_argument("--path", dest="path", required=True,
help="to copy the keys from", metavar="STRING")
parser.add_argument("--directory", dest="directory", required=True,
@kmcquade
kmcquade / Makefile
Created Mar 9, 2019 — forked from mpneuried/Makefile
Simple Makefile to build, run, tag and publish a docker containier to AWS-ECR
View Makefile
# import config.
# You can change the default config with `make cnf="config_special.env" build`
cnf ?= config.env
include $(cnf)
export $(shell sed 's/=.*//' $(cnf))
# import deploy config
# You can change the default deploy config with `make cnf="deploy_special.env" release`
dpl ?= deploy.env
include $(dpl)