This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'aws-sdk' | |
| # Return only a single running instance with the Name tag specified | |
| class EC2Helper | |
| def self.GetIdFromName(name) | |
| instances = Array.new | |
| # Filter the ec2 instances for name and state pending or running | |
| ec2 = Aws::EC2::Resource.new(region: ENV['AWS_DEFAULT_REGION']) | |
| ec2.instances({filters: [ |
tom-butler
/ reference.tf
Created
January 31, 2017 00:43
Terraform to only reference the resource that exists
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Assuming either name_1 or name_2 exists (using a count = 0) | |
| # The following can be used to pass an attribute from the resource that was created | |
| "${coalesce( | |
| join("", resource.name.*.id), | |
| join("", resource.name_2.*.id) | |
| )}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #AWS keys should be set before this | |
| echo "Installing Scout security auditor" | |
| git clone https://github.com/nccgroup/Scout2 | |
| cd Scout2 | |
| pip3 install -r requirements.txt | |
| python Scout2.py |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Sid": "", | |
| "Effect": "Allow", | |
| "Principal": { | |
| "AWS": "arn:aws:iam::<CentralMonitoringAccountId>:role/<CentralMonitoringRole>" | |
| }, | |
| "Action": "sts:AssumeRole" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Sid": "InstanceProfile", | |
| "Effect": "Allow", | |
| "Action": [ | |
| "sts:AssumeRole" | |
| ], | |
| "Resource": [ |
tom-butler
/ centralMonitoringRole.tf
Created
June 20, 2017 04:30
Terraform: Central Monitoring Role
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #============================================================== | |
| # tom-butler / centralMonitoringRole.tf | |
| #============================================================== | |
| variable "central_logging_account_id" {} | |
| # The Role itself | |
| resource "aws_iam_role" "monitor_access_role" { | |
| name = "central-logging-monitor" | |
| path = "/" |
tom-butler
/ AddAllOrgAccountsToPolicy.py
Created
June 20, 2017 04:49
Boto3: Add All Org Accounts To IAM Policy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import boto3 | |
| import json | |
| central_logging = '<insert your central logging account id here>' | |
| # Variables for the grafana monitoring server | |
| role_name = 'monitoring_prodcloudwatch_access_role' | |
| policy_arn = 'arn:aws:iam::<insert your central logging account id here>:policy/monitor-assumerole' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get the time in UTC 15 minutes from now | |
| data "external" "date" { | |
| # use date to get the time 15 mins from now | |
| program = ["bash", "${path.module}/date.sh"] | |
| } | |
| # Wait 15 minutes before scaling instances. | |
| resource "aws_autoscaling_schedule" "delaystart" { | |
| scheduled_action_name = "delaystart" | |
| min_size = 2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| */5 * * * * cd /opt/healthz && /bin/echo "`date +'\%Y-\%m-\%dT\%H:\%M:\%SZ'` `/usr/local/bin/goss validate -f nagios_verbose`" >> healthz.log |
tom-butler
/ remote-state-provisioner.tf
Created
August 21, 2017 00:27
Terraform remote-state-provisioner
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #============================================================== | |
| # remote-state.tf | |
| #============================================================== | |
| # This file is used to set variables that are passed to sub | |
| # modules to build our stack | |
| #-------------------------------------------------------------- | |
| # Global Config | |
| #-------------------------------------------------------------- |
OlderNewer