breser

#!/bin/bash

# Disables EKS features of GuardDuty that have been automatically enabled.

# Run from the account that is your GuardDuty delegated admin account.
# Assumes that GuardDuty is enabled in all regions with a single detector and that auto-enable is turned on.
# If it isn't on in all regions you may need to adjust how you populate the list or regions.
# If you don't want auto-enable turned on change --auto-enable to --no-auto-enable
# If you have multiple detectors, I leave it as an excercise to the reader to deal with that.
# xargs is used since update-member-detectors has an apparent limit of 12 accounts per call

benkehoe

import aws_assume_role_lib # https://github.com/benkehoe/aws-assume-role-lib

account_role_name = "YOUR_ACCOUNT_ROLE_NAME_HERE" # TODO: put your role name here

management_account_session = boto3.Session()
# if you're using AWS SSO in your management account and there's a specific role for this work, you could use aws-sso-lib
# https://github.com/benkehoe/aws-sso-util/blob/master/lib/README.md
# management_account_session = aws_sso_lib.get_boto3_session(start_url, sso_region, management_account_id, management_role_name, region=sso_region)

orgs = management_account_session.client('organizations')

iann0036

route53domains:RegisterDomain
route53domains:RenewDomain
route53domains:TransferDomain
ec2:ModifyReservedInstances
ec2:PurchaseHostReservation
ec2:PurchaseReservedInstancesOffering
ec2:PurchaseScheduledInstances
rds:PurchaseReservedDBInstancesOffering
dynamodb:PurchaseReservedCapacityOfferings
s3:PutObjectRetention

benkehoe

# *** WARNING ***
# This gist is no longer maintained
# It has been replaced by aws-assume-role-lib in PyPI
# Documentation at https://github.com/benkehoe/aws-assume-role-lib
# It is still a single-file library, you can find the stable version here:
# https://raw.githubusercontent.com/benkehoe/aws-assume-role-lib/stable/aws_assume_role_lib/aws_assume_role_lib.py
# (link also available in the docs)

# Copyright 2020 Ben Kehoe
#

Mattias-

#!/bin/bash

# This is a script that unsubscribes an email address from AWS junk mail.
# If the script breaks it might be the magic numbers that needs to change.
# Send the form while tracing the request in your browser to find the new values.
# https://pages.awscloud.com/communication-preferences

unsubscribe_aws_email() {
    curl "https://pages.awscloud.com/index.php/leadCapture/save2" \
        -H "Accept: application/json" \

tomofuminijo

AWSTemplateFormatVersion: 2010-09-09
Description: Enable AWS Config
Parameters:
  AuditS3BucketName:
    Type: String
  OrganizationId:
    Type: String

Resources:
  ServiceLinkedRoleForConfig:

nl5887

#!/usr/bin/env bash
AWS_CLI="aws --region $AWS_REGION"

PRICE=0.2
USER_NAME=#USERNAME#
KEY_NAME=#KEY NAME#
SECURITY_GROUP_ID=#SECURITY GROUP#
SUBNET_ID=#SUBNET#
VOLUME_SIZE=40
INSTANCE_TYPE=t2.2xlarge

paulwakeford

#!/bin/bash
for region in `aws ec2 describe-regions --region us-east-1 --output text | cut -f3`
do
echo -e "Enabling GuardDuty in region:'$region'..."
aws guardduty create-detector --enable --region $region
done

tkalus

#!/usr/bin/env python3
"""
Delete an IAM User from an AWS Account.

Copyright (c) 2019 TKalus <tkalus@users.noreply.github.com>

Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of

0xdabbad00

Clone botocore and run `git rev-list --all > commit_list.txt` to get a chrological list of the hashes.
Then I manually installed https://github.com/nok/git-walk but had to modify it to use my list instead of generating it's own each time because it was going into a loop.
So `read_commit_ids` looks like this:

```
def read_commit_ids():
    #cmd = 'git rev-list --all'
    #log = subp.check_output(cmd.split()).strip()
    #log = [line.strip() for line in log.split('\n')]
    with open("commit_list.txt") as f: