Skip to content

Instantly share code, notes, and snippets.

Mark van Holsteijn mvanholsteijn

View GitHub Profile

A generated secret version resource.

This will generate a secret and store the value directly in the Google Secret manager secret, to avoid the secret appearing in clear text in the terraform source or the terraform state file.

given secrets should be stored using the google_kms_secret and the google_secret_manager_secret_version.

When the secret version is updated outside the scope of the terraform template, the resource will return the latest version.

mvanholsteijn / instances.go
Last active May 6, 2020
list all gce instances authenticating with the current gcloud configuration
View instances.go
package main
import (
terraform {
required_version = ">= 0.12"
variable project {
type = string
provider "google" {
project = var.project
mvanholsteijn /
Created Feb 10, 2020
update the contacts of all route53 registered domains
import boto3
import json
contact = {
"FirstName": "Mark",
"LastName": "van Holsteijn",
"ContactType": "COMPANY",
"AddressLine1": "Laapersveld 27",
"City": "Hilversum",
"CountryCode": "NL",
mvanholsteijn /
Created Jan 28, 2020
generates the SSM document required for automatic AD domain join on AWS
aws ds describe-directories --query 'DirectoryDescriptions[*].{
"schemaVersion": `"1.0"`,
"description": join(``, [`Automatic AD domain-join configuration for `, Name, `.`]),
"runtimeConfig": {
"aws:domainJoin": {
"properties": {
"directoryId": DirectoryId,
"directoryName": Name,
"dnsIpAddresses": OwnerDirectoryDescription.DnsIpAddrs
View aws-backup-cloudformation-template.yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: AWS Backup daily CloudFormation configuration
Type: AWS::Backup::BackupPlan
BackupPlanName: default
- RuleName: daily-backups

Keybase proof

I hereby claim:

  • I am mvanholsteijn on github.
  • I am mvanholsteijn ( on keybase.
  • I have a public key ASC8m3WQn3rAaN6rL70h8G5tzhZXjiRrNBqS3heiR9KVego

To claim this, I am signing this object:

mvanholsteijn / gcp-instance-delete-external-ip
Created Oct 13, 2018
gcloud command deleting an external ip address from an GCP instance
View gcp-instance-delete-external-ip
gcloud compute instances delete-access-config $INSTANCE --access-config-name external-nat
mvanholsteijn / copy route53 hosted zone
Created Sep 29, 2018
a short shell script to copy the contents from one Route53 hosted zone to the other
View copy route53 hosted zone
aws route53 list-resource-record-sets \
--hosted-zone ${SOURCE_HOSTED_ZONE_ID} \
--query '{Changes: ResourceRecordSets[?Type != `NS` && Type != `SOA`].{"Action": `INSERT`, "ResourceRecordSet": @ }}' > changeset.json
aws route53 change-resource-record-sets \
--hosted-zone ${TARGET_HOSTED_ZONE_ID} \
--change-batch "$(<changeset.json)"
mvanholsteijn / copy-ssm-parameters
Created Feb 14, 2018
script to copy all SSM parameter store parameters to disk
View copy-ssm-parameters
#!/usr/bin/env python
# copy all SSM parameter store parameters to disk
import os, sys, argparse, boto3
parser = argparse.ArgumentParser(description='copy all parameter values to local')
parser.add_argument("--path", dest="path", required=True,
help="to copy the keys from", metavar="STRING")
parser.add_argument("--directory", dest="directory", required=True,
You can’t perform that action at this time.