Skip to content

Instantly share code, notes, and snippets.

View mikegrima's full-sized avatar

Mike Grima mikegrima

View GitHub Profile
mikegrima /
Created July 31, 2023 20:00
Paginated and batched AWS Config resource fetching and listing
This gist covers how to:
- Make pytest fixtures for querying S3 buckets in AWS Config
- This tests the querying AWS Config's aggregated advanced query with full pagination (this works for non-aggregated queries as well)
- This also tests batch fetching resource configuration data out of the aggregator (this works for non-aggregated as well)
import json
import os
from typing import Any, Dict, Generator, List
from unittest.mock import MagicMock
mikegrima /
Last active April 5, 2023 16:00
Some AWS Access Control notes

KMS policies are funky as hell:

  1. KMS key access is almost like cross-account policies but with some differences. KMS keys must have a policy that either:

    • Explicitly grants an IAM Principal access
    • Permits the AWS account in question the ability to delegate access to the key
    • Cross-account access works like any other: you need permissions on the resource and the IAM principal.
    • Same account access needs the first and/or second bullet -- this is unlike other resources, which by default, delegates IAM access to it.
  2. The root principal ARN means that IAM in the account has permissions to delegate permissions to Roles/Managed Policies/etc. in the account. It does not grant access to all principals in the account.

mikegrima /
Last active February 14, 2023 15:12
GitHub App Token Code

This is code that makes it very easy to obtain a GitHub token for a GitHub application in Python.

This code works by performing the full song and dance required to obtain a token to operate in a GitHub organization. This manages the secret in AWS Secrets manager, caches the tokens and credentails, and refreshes them when neeeded.

The best part is the @github_auth decorator, which injects the credentials into your function when you supply the org name automagically.

mikegrima /
Last active December 22, 2022 01:51
Mock Python retry decorator
"""Pytest fixutre for mocking out the retry decorator as found here:"""
import mock
from typing import Callable, Generator
import pytest
def mock_retry() -> Generator[None, None, None]:
"""This mocks out the retry decorator so things don't retry or block."""
def mock_retry_decorator(*args, **kwargs) -> Callable:
mikegrima /
Last active November 23, 2022 23:38
GitHub GraphQL Queries

GitHub GraphQL is annoying AF.

These are some sample queries that I have needed to do and am logging it here so I don't forget them.

API endpoint:, Method: POST. Authorization requires a Bearer token, and apparently: Personal access tokens with fine grained access do not support the GraphQL API... So that's lame! (as of November 2022)

mikegrima /
Created August 26, 2022 17:07
Boto3 STS endpoint "fun"
# If doing STS things, you will need to make sure that you use the proper STS endpoint now.
# You need to remember that you need to pass in the endpoint URL. Use this for CloudAux:
from typing import Any, Dict, List
from botocore.client import BaseClient
from cloudaux import sts_conn
from import paginated
ROLE_TO_ASSUME = "AssumeThisRole"
ACCOUNT_NUMBER = "012345678910"
mikegrima /
Created June 27, 2022 16:41
Get the available regions for a given AWS service
# Get the available regions for a given AWS serivce:
# As seen on:
import boto3
# ['af-south-1', 'ap-east-1', 'ap-northeast-1', 'ap-northeast-2', 'ap-northeast-3', 'ap-south-1', 'ap-southeast-1', 'ap-southeast-2', 'ap-southeast-3', 'ca-central-1', 'eu-central-1', 'eu-north-1', 'eu-south-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'me-south-1', 'sa-east-1', 'us-east-1', 'us-east-2', 'us-west-1', 'us-west-2']
mikegrima /
Last active May 9, 2023 21:14
Un-json nested JSON strings from AWS Config
import datetime
import json
from typing import Any
from urllib.parse import unquote_plus
def un_wrap_json(json_obj: Any) -> Any:
"""Helper function to unwrap nested JSON in the AWS Config resource configuration."""
# pylint: disable=C0103,W0703,R0911
# Is this a field that we can safely return?
mikegrima /
Last active May 14, 2023 04:23
Make Ur-Quan Masters Playable

The Ur-Quan Masters Gameplay Speed Reduction

I loved playing Star Control on the Sega Genesis and was really happy that The Ur-Quan Masters came out. However, I find that the ship combat speed is way too fast. If you've played the Sega Genesis version of Star Control, you'd be used to a much slower gameplay speed.

It turns out that you can make Ur-Quan Masters run at a similar (or whatever) speed you want: you just need to edit the source code to do this. However, the good news is, it's pretty straightforward.

TL;DR: What do I fix?

mikegrima /
Last active October 31, 2023 00:31
Edit Brave Browser Dictionary

Fix Brave Browser Dictionary

If you have ever mistakenly added a word to the Brave browser dictionary, you need to manually edit the Custom Dictionary.txt file.

As of March 2020, the Brave UI lacks a feature to do this.

Where is the file?

This will depend on your OS. Google for where this is on your OS.

The file on macOS is at: ~/Library/Application\ Support/BraveSoftware/Brave-Browser/Default/Custom\ Dictionary.txt.