Otto Kruse ottokruse
ottokruse
/ verify-jwt-rs256.ts
Last active
April 4, 2024 15:46
Verify JWT signature, for RS256 in NodeJS (code in TypeScript). Only needs public key modulus and exponent (i.e. not as PEM/DER)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| This gist's core function is verifyJwt, whose purpose is to verify JWT's signed | |
| using RS256 | |
| The public key needs to be provided as n (modulus) and e (exponent). | |
| JWT algorithm RS256 in fact means RSASSA-PKCS1-v1_5 using SHA-256: | |
| https://tools.ietf.org/html/rfc7518#section-3.1 | |
| The specification of RSASSA-PKCS1-v1_5 specifies the steps to verify signatures: |
ottokruse
/ download_log_stream.sh
Created
March 27, 2024 12:29
Download full AWS CloudWatch log stream
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash -e | |
| log_group_name="/aws/sagemaker/TrainingJobs" | |
| log_stream_name=${1} | |
| output_file=$(echo "${1}.txt" | sed 's/\//_/g') | |
| next_token="" | |
| echo "Storing full logs to: $output_file" | |
| # Clear output file |
ottokruse
/ aws-console
Last active
March 14, 2024 10:36
Python script to launch the AWS console in your webbrowser, using a presigned URL generated from your AWS CLI credentials
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| Usage: | |
| - Save this script somewhere on your path (e.g. `vi /usr/local/bin/aws-console && chmod +x /usr/local/bin/aws-console`) | |
| - Make AWS credentials available in one of the usual places where boto3 can find them (~/.aws/credentials, env var, etc.) | |
| - Excute the script: `aws-console --profile myprofile` | |
| - :tada: Your browser opens and you are signed in into the AWS console | |
| """ |
ottokruse
/ buildspec.yaml
Created
January 11, 2022 13:34
AWS CLI assume role in AWS CodeBuild through ECS credentials
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '0.2' | |
| phases: | |
| build: | |
| commands: | |
| - | | |
| cat << EOF > aws_config | |
| [profile test] | |
| role_arn = arn:aws:iam::123456789012:role/my-role-to-assume | |
| role_session_name = IntegrationTest | |
| credential_source = EcsContainer |
ottokruse
/ cdk-package.ts
Last active
August 9, 2023 11:06
Script to publish CDK assets (e.g. Lambda function code) to S3 and generate parameter files, so you can combine cdk synth with CloudFormation deployments. This is essentially the equivalent of 'sam package' but then for CDK. Tested to work for Lambda and S3-deployments
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ts-node | |
| // This script uploads your assets to the CDK staging bucket in S3 (just as cdk deploy would) | |
| // and writes out two files: | |
| // - parameters.ini to use in CLI deployments (see instructions below) | |
| // - parameters.json to use in AWS CodePipeline for CloudFormation deployments | |
| // | |
| // Installation instructions: | |
| // - Save this script cdk-package.ts to the root of your CDK repo (i.e. next to cdk.json) and make it executable | |
| // - Install script dependencies: npm install jsonpath aws-sdk adm-zip @types/jsonpath @types/adm-zip |
ottokruse
/ cdk-snippet.ts
Created
May 25, 2022 07:55
Create an AWS Lambda Layer that includes pandas and pyarrow
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Creating an AWS Lambda Layer with pandas and pyarrow is harder than it might seem, | |
| // as simply `pip install pandas pyarrow` will lead to a deployment package that is > 250 MB | |
| // which is not allowed by AWS Lambda. | |
| // In this snippet, that deployment package is trimmed down, to make it fit (and still work) | |
| import * as lambda from "aws-cdk-lib/aws-lambda"; | |
| const layerInstallCommand = [ | |
| "bash", | |
| "-c", |
ottokruse
/ debounce.ts
Last active
April 21, 2022 13:48
TypeScript debounce that keeps argument types of debounced function
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| export function debounce<T extends (...args: any[]) => void>( | |
| func: T, | |
| timeout = 300 | |
| ) { | |
| let timer: ReturnType<typeof setTimeout>; | |
| return (...args: Parameters<T>) => { | |
| if (timer) clearTimeout(timer); | |
| timer = setTimeout(() => func(...args), timeout); | |
| }; | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| session = boto3.Session() | |
| cognito_client = session.client("cognito-identity") | |
| id_token = "<jwt>" | |
| identity_response = cognito_client.get_id( | |
| IdentityPoolId="<identity pool id>", | |
| Logins={"cognito-idp.<region>.amazonaws.com/<user pool id>": id_token}, # Only need to provide this here as well, if the Identity Pool doesn't allow unauthenticated identities |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Let's say our base type is `Person` and we want to create a type like it, | |
| * where some fields are encrypted into a Buffer instead | |
| */ | |
| type Encrypted<Base, EncryptedFields extends keyof Base> = { | |
| [field in keyof Base]: field extends EncryptedFields ? Buffer : Base[field]; | |
| }; | |
| interface Person { |
ottokruse
/ cw-metric.ts
Last active
March 3, 2021 08:37
Simple AWS Lambda logger that uses CloudWatch Embedded Metric Format to create custom CloudWatch metrics (TypeScript)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Embedded_Metric_Format_Specification.html | |
| export function logCustomMetric(metric: { | |
| dimensions: { | |
| [key: string]: string; | |
| }; | |
| namespace: string; | |
| metrics: { | |
| unit: Unit; | |
| name: string; |
NewerOlder