Tyler Gohl tylergohl

## subnet
  DMZSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select ['0', !GetAZs {Ref: 'AWS::Region'}]
      VpcId: !Ref 'EnvironmentVpc'
      MapPublicIpOnLaunch: Yes
      CidrBlock: !Ref 'DMZSubnetCidrA'
      Tags:
      - Key: Name
        Value: !Sub "${EnvironmentValue}-dmzsubnet-a"

## FixDumbTagMistake.ps1
# Change up $role / $product as needed

$MajorEnv = 'int'
$EnvNumber = '01'
$Env = "$MajorEnv$EnvNumber"
$Role = 'es-master'
$values = "$Env-$Role*"
$Product = 'los'

# Get empty web server tags

## GetAutomationRuns.ps1
# Find automation runs that have happened in the last 24 hours and the instances that they have run against

$Instances = (Get-SSMAutomationExecutionList | where-object { $_.DocumentName -like '*ssm-nightlyrecycle-doc*' -and $_.ExecutionStartTime -gt (Get-Date).AddHours(-24) } | Get-SSMAutomationExecution).Parameters

$InstanceIDs = ((Get-SSMAutomationExecutionList | where-object { $_.DocumentName -like '*ssm-nightlyrecycle-doc*' -and $_.ExecutionStartTime -gt (Get-Date).AddHours(-24) } | Get-SSMAutomationExecution).Parameters).Values


$Instances = ($InstanceIDs | Get-EC2Instance | Select-object -ExpandProperty Instances)
(($Instances.tag) | Where-Object Key -eq "Name").value

## Run-SSMCommand.ps1
$NameWildcard = 'prd01worker*'
$Comment = 'Doing stuff'
$Commands = @(
    'dir c:\users',
    'dir c:\'
)

# Instance state code 16 is for powered on instances

$Instances = (Get-EC2Instance -Filter @( @{name='tag:Name'; values=$NameWildcard}; @{name='instance-state-code'; values = 16} ) | Select-Object -ExpandProperty instances).InstanceId

## WindowsUpdateAudit.ps1
# For auditing when updates were installed, useful for SOC 2

$Session = New-Object -ComObject "Microsoft.Update.Session"
$Searcher = $Session.CreateUpdateSearcher()

$historyCount = $Searcher.GetTotalHistoryCount()

$Searcher.QueryHistory(0, $historyCount) | Select-Object Title, Description, Date,

    @{name="Operation"; expression={switch($_.operation) {

## UpdateAzureRMTags.ps1
$TestVMs = Get-AzureRMVM | where ResourceGroupName -like test*

ForEach ($VM in $TestVMs) {
  $CurrentTags = $VM.Tags
  Write-Verbose "VM name: $VM.Name"
  Write-Verbose "Current tags: $CurrentTags"
  $VM | Update-AzureRMVm -tags ($CurrentTags += @{yournewtag="yournewvalue"}) -ErrorAction Continue
}

## SetAzureAutoShutdownTags.ps1
$rgs = get-azurermresourcegroup | where-object { $_.ResourceGroupName -like "test??" }

ForEach ($rg in $rgs) {
  $tags = $rg.Tags
  $tags += @{Name="AutoShutdownSchedule";Value="1am -> 1pm, Saturday, Sunday"}
  $rg | Set-AzureRmResourceGroup -Tag $tags
}

## boxstarter.txt
# Invoke using following syntax into IE:
# http://boxstarter.org/package/url?[raw link to this gist]

# Boxstarter options
$Boxstarter.RebootOk=$true
$Boxstarter.NoPassword=$false # Is this a machine with no logon password?
$Boxstarter.AutoLogin=$true

Set-WindowsExplorerOptions -EnableShowFileExtensions
Disable-UAC
	DMZSubnetA:
	Type: AWS::EC2::Subnet
	Properties:
	AvailabilityZone: !Select ['0', !GetAZs {Ref: 'AWS::Region'}]
	VpcId: !Ref 'EnvironmentVpc'
	MapPublicIpOnLaunch: Yes
	CidrBlock: !Ref 'DMZSubnetCidrA'
	Tags:
	- Key: Name
	Value: !Sub "${EnvironmentValue}-dmzsubnet-a"
	# Change up $role / $product as needed

	$MajorEnv = 'int'
	$EnvNumber = '01'
	$Env = "$MajorEnv$EnvNumber"
	$Role = 'es-master'
	$values = "$Env-$Role*"
	$Product = 'los'

	# Get empty web server tags
	# Find automation runs that have happened in the last 24 hours and the instances that they have run against

	$Instances = (Get-SSMAutomationExecutionList \| where-object { $_.DocumentName -like 'ssm-nightlyrecycle-doc' -and $_.ExecutionStartTime -gt (Get-Date).AddHours(-24) } \| Get-SSMAutomationExecution).Parameters

	$InstanceIDs = ((Get-SSMAutomationExecutionList \| where-object { $_.DocumentName -like 'ssm-nightlyrecycle-doc' -and $_.ExecutionStartTime -gt (Get-Date).AddHours(-24) } \| Get-SSMAutomationExecution).Parameters).Values


	$Instances = ($InstanceIDs \| Get-EC2Instance \| Select-object -ExpandProperty Instances)
	(($Instances.tag) \| Where-Object Key -eq "Name").value
	$NameWildcard = 'prd01worker*'
	$Comment = 'Doing stuff'
	$Commands = @(
	'dir c:\users',
	'dir c:\'
	)

	# Instance state code 16 is for powered on instances

	$Instances = (Get-EC2Instance -Filter @( @{name='tag:Name'; values=$NameWildcard}; @{name='instance-state-code'; values = 16} ) \| Select-Object -ExpandProperty instances).InstanceId
	# For auditing when updates were installed, useful for SOC 2

	$Session = New-Object -ComObject "Microsoft.Update.Session"
	$Searcher = $Session.CreateUpdateSearcher()

	$historyCount = $Searcher.GetTotalHistoryCount()

	$Searcher.QueryHistory(0, $historyCount) \| Select-Object Title, Description, Date,

	@{name="Operation"; expression={switch($_.operation) {
	$TestVMs = Get-AzureRMVM \| where ResourceGroupName -like test*

	ForEach ($VM in $TestVMs) {
	$CurrentTags = $VM.Tags
	Write-Verbose "VM name: $VM.Name"
	Write-Verbose "Current tags: $CurrentTags"
	$VM \| Update-AzureRMVm -tags ($CurrentTags += @{yournewtag="yournewvalue"}) -ErrorAction Continue
	}
	$rgs = get-azurermresourcegroup \| where-object { $_.ResourceGroupName -like "test??" }

	ForEach ($rg in $rgs) {
	$tags = $rg.Tags
	$tags += @{Name="AutoShutdownSchedule";Value="1am -> 1pm, Saturday, Sunday"}
	$rg \| Set-AzureRmResourceGroup -Tag $tags
	}
	# Invoke using following syntax into IE:
	# http://boxstarter.org/package/url?[raw link to this gist]

	# Boxstarter options
	$Boxstarter.RebootOk=$true
	$Boxstarter.NoPassword=$false # Is this a machine with no logon password?
	$Boxstarter.AutoLogin=$true

	Set-WindowsExplorerOptions -EnableShowFileExtensions
	Disable-UAC