Skip to content

Instantly share code, notes, and snippets.

Avatar
🚀
Love People and use things, because the opposite never works

Victor GRENU z0ph

🚀
Love People and use things, because the opposite never works
View GitHub Profile
@z0ph
z0ph / find_loggroups_size.sh
Last active Sep 23, 2021
Find AWS CloudWatch LogGroups size + retention | sorted
View find_loggroups_size.sh
aws logs describe-log-groups \
--query "logGroups[*].{LogGroup:logGroupName,VolumeSize:storedBytes,RetentionInDays:retentionInDays} | reverse(sort_by(@, &VolumeSize))" \
--output table
View aws_config_setup.py
import boto3
import re
from urllib.request import urlopen
import logging
# https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/config.html#ConfigService.Client.put_configuration_recorder
# Purpose:
# Activate Custom AWS Record for AWS Config
# Supported resource type: https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources
@z0ph
z0ph / deprecated-policies.json
Created Apr 2, 2021
List of MAMIP Archive deprecated AWS Managed Policies
View deprecated-policies.json
[
"TagGovernancePolicy",
"AWSLambdaReadOnlyAccess",
"AmazonEC2RolePolicyForApplicationWizard",
"AmazonEverestServicePolicy",
"AmazonEC2SpotFleetRole",
"AWSOpsWorksFullAccess",
"AWSSchemasServiceRolePolicy",
"AmazonMechanicalTurkCrowdReadOnlyAccess",
"AmazonApplicationWizardFullaccess",
@z0ph
z0ph / findings.txt
Last active Mar 24, 2021
AWS Access Analyzer - Policy Validation of 837 AWS Managed Policies.
View findings.txt
==> Validation of: ./policies/TagGovernancePolicy
==> Finding: [
{
"findingDetails": "Using ForAllValues qualifier with the single-valued condition key organizations:ServicePrincipal can be overly permissive. We recommend that you remove ForAllValues:.",
"findingType": "SECURITY_WARNING",
"issueCode": "FORALLVALUES_WITH_SINGLE_VALUED_KEY",
"learnMoreLink": "https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-policy-checks.html#access-analyzer-reference-policy-checks-security-warning-forallvalues-with-single-valued-key",
"locations": [
{
"path": [
@z0ph
z0ph / unfollow_everyone.py
Created Mar 15, 2021
Unfollow everyone on Twitter.
View unfollow_everyone.py
#!/usr/bin/env python
import tweepy
from config import create_api
def unfollow_everyone(api):
friends = api.friends_ids("<your_twitter_screen_name")
for f in friends:
@z0ph
z0ph / s3BucketsEncryptionLookup.sh
Last active Jun 17, 2020
Retrieve S3 Buckets Encryption status
View s3BucketsEncryptionLookup.sh
for ITEM in $(aws s3api list-buckets --output json |grep "Name" | cut -d":" -f2 | cut -d'"' -f2); do echo $ITEM " --- " $(aws s3api get-bucket-encryption --bucket $ITEM 2>&1); done
View re:Inforce 2019.md

re:Inforce 2019

Il s'agit de la première édition de cette conférence AWS dédiée à la sécurité de ce Cloud Service Provider (CSP). AWS est actuellement en train de proposer de nouveaux événements et summits sur des sujets spécifiques, en plus de l'événement annuel, le re:Invent.

Cette conférence aura lieu chaque année dans une ville différente des États-Unis, il est question de Houston pour l'année prochaine.

@z0ph
z0ph / default_encryption_ebs.py
Last active May 29, 2019
Enable default EBS encryption on all regions #AWS - https://zoph.me (@z0ph)
View default_encryption_ebs.py
import boto3
AWS_REGION = 'eu-west-1'
session = boto3.Session(region_name=AWS_REGION)
ec2 = session.client('ec2')
def main(event, context):
ec2_regions = [region['RegionName'] for region in ec2.describe_regions()['Regions']]
# For all AWS Regions
for region in ec2_regions:
View keybase.md

Keybase proof

I hereby claim:

  • I am z0ph on github.
  • I am zoph (https://keybase.io/zoph) on keybase.
  • I have a public key whose fingerprint is 772A 3500 3085 3CFE 3E41 CF23 A64F 8096 8905 4079

To claim this, I am signing this object:

@z0ph
z0ph / ec2.sh
Created Apr 28, 2019 — forked from junaidk/ec2.sh
Get List of EC2 instances from All regions
View ec2.sh
# install aws cli first
for region in `aws ec2 describe-regions --output text | cut -f3`
do
echo -e "\nListing Instances in region:'$region'..."
aws ec2 describe-instances --query "Reservations[*].Instances[*].{IP:PublicIpAddress,ID:InstanceId,Type:InstanceType,State:State.Name,Name:Tags[0].Value}" --output=table --region $region
done