Skip to content

Instantly share code, notes, and snippets.

View ritesh's full-sized avatar
💭
not writing code

Ritesh Sinha ritesh

💭
not writing code
21 followers · 12 following
View GitHub Profile
@ritesh
ritesh / gddutyregionalmaster.yaml
Last active August 9, 2020 12:32
AddPublishingDestinationGdduty
AWSTemplateFormatVersion: "2010-09-09"
Description: |
Publishes findings from a detector in one region to an S3 bucket
Parameters:
DestinationArn:
Type: String
Description: ARN of the S3 bucket that you want GuardDuty to push findings to, GuardDuty must have permissions to write to this bucket
KmsKeyArn:
Type: String
Description: The key that GuardDuty should use to encrypt findings
@ritesh
ritesh / params.json
Created July 31, 2020 11:08
VPCFlowlogs
[
{
"ParameterKey": "RawDBName",
"ParameterValue": "raw_db_vpc_flow_logs"
},
{
"ParameterKey": "RawTableName",
"ParameterValue": "raw_table_vpc_flow_logs"
},
{
@ritesh
ritesh / glue_job.yaml
Created July 21, 2020 21:07
A sample glue job
AWSTemplateFormatVersion: "2010-09-09"
Description: "Create a glue job to process S3 Data events"
Parameters:
LogBucket:
Type: String
GlueAssetsBucket:
Type: String
RawDBName:
Type: String
RawTableName:
@ritesh
ritesh / Makefile
Created July 10, 2020 14:33
Makefile for cfn templates
STACK_NAME=MyStack
TEMPLATE_FILE=template.yaml
CAPABILITIES=CAPABILITY_NAMED_IAM
validate:
aws cloudformation validate-template --template-body file://$(TEMPLATE_FILE)
create-stack: validate
aws cloudformation deploy --template-file $(TEMPLATE_FILE) --stack-name $(STACK_NAME) --capabilities $(CAPABILITIES) --parameter-overrides ProjectId=$(STACK_NAME)
@ritesh
ritesh / get_iam_actions.sh
Created June 24, 2020 10:11
List of IAM actions via the policy editor
#!/bin/bash
rm policies.js
rm service_actions.txt
curl -s https://awsiamconsole.s3.amazonaws.com/iam/assets/js/bundles/policies.js -O && node -e "app={}; EnvInfo ={}; _ = {has: function() {return false;}, extend: function(){},};require('./policies.js'); console.log(JSON.stringify(app));" | jq .PolicyEditorConfig.serviceMap > service_actions.txt
python iam_actions.py
@ritesh
ritesh / release_rust.yml
Created June 19, 2020 19:28
name: CI
on:
push:
branches:
- master
tags:
- '*'
jobs:
@ritesh
ritesh / update_trusted_ips.py
Created June 12, 2020 13:11
update_trusted_ips.py
import boto3
import logging
import click
from urllib.parse import urlparse
@click.command()
@click.option('--iplist', prompt='Location of the IP list in S3', help='A file with a CIDR per line of trusted IPs (only TXT supported for now)')
@click.option('--name', default='KnownIPs', prompt='Name', help='Name of the threat list')
def update_threat_list(iplist, name):
if not valid_list(iplist):
@ritesh
ritesh / main.rs
Created April 14, 2020 10:53
Brute force anagram
use std::fs::File;
use std::io::{self, BufRead};
use std::path::Path;
use rand::{thread_rng, Rng};
use std::collections::HashSet;
use trie_rs::TrieBuilder;
// A silly program that finds words in a single word anagram using brute-force
// We use a data structure called a Trie: https://en.wikipedia.org/wiki/Trie
// to store a dictionary of words
@ritesh
ritesh / params.yaml
Created October 9, 2019 13:53
ParamSelection
AWSTemplateFormatVersion: 2010-09-09
Description: |
Creates an IAM role with a fixed set of parameters
Parameters:
RoleName:
Type: String
Description: Name of the role you want to create
EC2Policy:
Type: String
@ritesh
ritesh / anim.sh
Created June 17, 2019 13:42
Quick animation
# Use imagemagick convert for this
# Flop flips an image around the X axis (i.e. mirror image)
convert -flop yourimage.png yourimageflop.png
# Make it loopy
convert -loop 0 -delay 100 yourimage.png yourimageflop.png out.gif