Skip to content

Instantly share code, notes, and snippets.

View lewismarshall's full-sized avatar

Lewis Marshall lewismarshall

11 followers · 3 following
View GitHub Profile
@lewismarshall
lewismarshall / azure_managedapp.go
Created July 28, 2022 15:13
Azure Marketplace Get Managed Resource Group
type getManagedAppIdInputs struct {
subscriptionId string
nodeResourceGroupName string
clientId string
}
// getManagedAppID will return the managed app ID
// will return the managedAppID if it is set
// otherwise will return the managed app ID by:
// 1. auditing the Metadata API to get the resource group
@lewismarshall
lewismarshall / delete_eks_oidc_providers.sh
Created May 6, 2022 14:06
#!/bin/bash
# Deletes all open-id-connect-providers that are NOT used by EKS instances...
${TRACE:+set -x}
if ! command -v aws &>/dev/null; then
echo "awscli is not installed. Please install it and re-run this script."
exit 1
fi
@lewismarshall
lewismarshall / aws-danger-toys.sh
Created March 28, 2022 15:49
# AWS DANGER TOYS - delete some stuff ;)
function aws-delete-policy {
local policy=${1:?'must specify policy arn'}
# find all things this policy referes to
local attached_roles=$(aws iam list-entities-for-policy --policy-arn "${policy}" --entity-filter Role | jq -r .PolicyRoles[].RoleName)
# for now just roles
for role in ${attached_roles}; do
# detach policy from role
@lewismarshall
lewismarshall / keybase.md
Created January 9, 2020 12:33

Keybase proof

I hereby claim:

  • I am lewismarshall on github.
  • I am lmarshall (https://keybase.io/lmarshall) on keybase.
  • I have a public key ASDra5yIULK_NRZbL7UDVm6Wza94GCB-KTNkX_2wKksauQo

To claim this, I am signing this object:

@lewismarshall
lewismarshall / test-ceph-cluster.yaml
Last active June 27, 2019 13:28
Ceph testing cluster
# 1. Create nodes
# 2. Attach EBS of type "standard" to all nodes
# 3. Create ceph operator and THEN this ceph cluster
apiVersion: ceph.rook.io/v1
kind: CephCluster
metadata:
name: rook-ceph
namespace: rook-ceph
spec:
@lewismarshall
lewismarshall / ca-csr.json
Created April 19, 2017 10:23
{
"CN": "Keto ETCD CA",
"CA": {
"expiry": "87600h"
},
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
@lewismarshall
lewismarshall / etcd_ca
Created April 19, 2017 10:21
#!/usr/bin/env bash
function generate_ca() {
if [[ ! -f tests/certs/${1}/ca.key ]]; then
mkdir -p tests/certs/${1}
cfssl gencert -initca tests/certs/ca-csr.json | cfssljson -bare tests/certs/${1}/ca
mv tests/certs/${1}/ca.pem tests/certs/${1}/ca.crt
mv tests/certs/${1}/ca-key.pem tests/certs/${1}/ca.key
fi
}
@lewismarshall
lewismarshall / aws-ar
Created April 12, 2017 12:32
Get aws environment variables from an aws-profile and role
function aws-ar() {
local profile=${1:-hod-central}
local role_arn=$(grep ${profile} ~/.aws/credentials -A 3 | grep role_arn | cut -d'=' -f2)
local creds_json=$(aws sts assume-role --output json --role-arn ${role_arn} --profile ${profile} --role-session-name ${profile} )
aws-unset
export AWS_ACCESS_KEY_ID=$(echo ${creds_json} | jq -r '.Credentials.AccessKeyId')
export AWS_SECRET_ACCESS_KEY=$(echo ${creds_json} | jq -r '.Credentials.SecretAccessKey')
export AWS_SECURITY_TOKEN=$(echo ${creds_json} | jq -r '.Credentials.SessionToken')
export AWS_SESSION_EXPIRE=$(echo ${creds_json} | jq -r '.Credentials.Expiration')
@lewismarshall
lewismarshall / template.py
Created September 28, 2016 16:03
Minimal Python Template
#!/usr/bin/env python3
# Taken from:
# string as file: http://stackoverflow.com/a/142251
# yaml !include: http://stackoverflow.com/a/9577670
import sys
import os.path
import yaml
import jinja2
import io
@lewismarshall
lewismarshall / get_vars_from_files.sh
Created May 24, 2016 12:17
#!/bin/bash
function get_config() {
conf_name="${1}"
conf_file="${CONFIG_DIR}/${conf_name}"
if [ -f ${conf_file} ]; then
echo "Using config from ${conf_file}"
value="$(cat ${conf_file})"
else