In this case, your bucket name does not matter
- Create the bucket (I'll use
myassets
) as an example - In the S3 interface, goto the bucket's Properties
- Under Permissions add a grantee: - Grantee: Everyone - Check only "View Permissions"
#!/bin/bash | |
############################################################################### | |
# vmstat_monitor.sh | |
# | |
# Options: | |
# $1 Delay, in seconds, between readings. Must be >0 | |
# $2 Count of readings to take. This should always be 2 | |
# | |
# If the VMSTAT_DEBUG variable is set non-empty, debug output of all values of | |
# variables will be outputed to stderr. |
10.255.0.0/11 | |
['10.224.*', | |
'10.225.*', | |
'10.226.*', | |
'10.227.*', | |
'10.228.*', | |
'10.229.*', | |
'10.230.*', | |
'10.231.*', | |
'10.232.*', |
#!/bin/bash | |
############################################################################### | |
# find_iam_key.sh <access key id> | |
# Searches through all IAM users to find out which soul decided NOT to use | |
# instance profiles, and instead embeded a key+secret pair in an EC2 instance. | |
############################################################################### | |
############# | |
# Functions # |
In this case, your bucket name does not matter
myassets
) as an example#!/bin/bash | |
get_keys_for_user () | |
{ | |
aws iam list-access-keys \ | |
--user-name $@ \ | |
| jq -r '.AccessKeyMetadata[].AccessKeyId' | |
} | |
get_all_users () |
#!/bin/bash | |
# Default number of seconds to strace for | |
DEFAULT_STRACE_TIMEOUT=$((60*30)) | |
# Job check frequency | |
DEFAULT_CHECK_INTERVAL=30 | |
# Use timeout? | |
USE_TIMEOUT_CMD=n |
Taken from this article but modified to log all passwords, not just failed attempts.