Rich Adams richadams
richadams
/ pd_aws_config_event_transformer.js
Created
February 9, 2018 22:55
PagerDuty Custom Event Transformer for handling AWS Config compliance events from SNS. Raising incidents if a resource goes non-compliant, and resolving the incident if they go compliant again (or are deleted).
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Parses AWS Config events from SNS and will raise PagerDuty incidents if resources | |
| // go non-compliant, resolving the incident when they return to compliant. | |
| // | |
| // This file is intended to be used with a PagerDuty Custom Event Transformer. | |
| // https://www.pagerduty.com/docs/guides/custom-event-transformer/ | |
| // | |
| // Create a new Custom Event Transformer integration in PagerDuty, and subscribe it's | |
| // Integration URL on the SNS Topic that you send AWS Config events to. | |
| // | |
| // You can see all the different notifications Config sends here: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am richadams on github. | |
| * I am richadams (https://keybase.io/richadams) on keybase. | |
| * I have a public key whose fingerprint is 48F4 05D4 8567 234C D6D0 196E 71AB E159 1504 8ED2 | |
| To claim this, I am signing this object: |
richadams
/ aws_security_group_details.sh
Last active
February 23, 2024 20:46
A quick and dirty script to list out all security group settings on an AWS account. Barely tested, use at own risk, etc. Requires awscli to be installed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Requires: awscli (http://aws.amazon.com/cli/) | |
| # Prints out a list of all security groups and their settings, just for quickly auditing it. | |
| # Your AWS credentials | |
| if [ -z ${AWS_ACCESS_KEY_ID} ]; then | |
| export AWS_ACCESS_KEY_ID='***' | |
| export AWS_SECRET_ACCESS_KEY='***' | |
| fi |
richadams
/ update_elb_ssl_neg_policies.sh
Last active
March 4, 2019 19:13
A quick and dirty script to update every ELB in an AWS account to the latest ELBSecurityPolicy-2014-10 to mitigate CVE-2014-3566. Barely tested, use at own risk, etc. Requires awscli to be installed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Requires: awscli (http://aws.amazon.com/cli/) | |
| # Your AWS credentials | |
| export AWS_ACCESS_KEY_ID='***' | |
| export AWS_SECRET_ACCESS_KEY='***' | |
| # This is the base policy that will be used. | |
| POLICY="ELBSecurityPolicy-2014-10" |