Accessing Multiple CodeCommit Repos

AWS provides a handy Git based repository to their customers called CodeCommit. Accessing the repository is easy enough, upload your SSH Key to the AWS Console, and then add CodeCommit to your SSH configuration: # ~/.ssh/config Host git-codecommit.* User USER1EXAMPLEARN1 IdentityFile ~/.ssh/USER1EXAMPLEARN1_rsa This is wonderful until you need to access more than one AWS Account’s CodeCommit repo. How do you identify between two different AWS Account repos that use the same URL? [Read More]

Github Actions Worked

This is a temporary post to let me know that my Github Actions are functional. Yay me!

AWS Boto3 Documentation Redirect

Maybe you are lazy like I am, but when I want to read the Boto3 documentation I just open my browser, and in the omnibar I type boto3 and slap Enter; however, this results in my browser auto-filling the URL bar with and since the AWS guys are too lazy to add a redirect there, I have created a simple User Script that does exactly that, it just redirects the browser to the correct link https://boto3. [Read More]

Find all EC2 Instances using in-house AMIs

Building off my last post GNU Parallel and AWS CLI, today I used parallel with more AWS to get a count of all AMIs being used in my infrastructure using any in-house AMI (non-Amazon, non-Marketplace). The Problem I need to know how many of my instances are running Chef clients. Conveniently we only run Chef client on instances that use images we have created in-house. So I can limit my search. [Read More]

GNU Parallel and AWS CLI

We all know that the GUI/Console for AWS is sadly slow and cumbersome to use. That’s why they created the CLI and SDK tools to let impatient people do more work in less time. However, the CLI and SDK are also slow because well, processing time takes for ever sometimes. So for the truly impatient isn’t it nice that you can use GNU Parallel to complete more work in less time? [Read More]

AWS IAM Scan for Role Name

Scan AWS Account for IAM Role If you are like me you happen to work with ALZs with LOTS of accounts. Jumping into each one to verify a role exists, or doesn’t it quite tedious. So here I have a simple “one-liner” that loops through your accounts and looks for the existence of a role (by partial lookup). One-liner for role in $(cat ~/.aws/credentials | grep devopsadmin | cut -d '[' -f2 | cut -d ']' -f1 | grep -v ^role_arn); do echo $role; aws --profile $role iam list-roles | jq -r ". [Read More]

AWS Backup Delete Script

Delete AWS Backup artifacts AWS Backup is a great utility, but when you are cleaning up an account it takes a long time to remove all the backup artifacts by hand in the console. So instead I present this one-liner Single Region $ aws --region us-east-1 backup list-recovery-points-by-backup-vault --backup-vault-name default | jq '.RecoveryPoints' | jq -c -r '.[].RecoveryPointArn' | xargs --max-lines=1 aws --region us-east-1 backup delete-recovery-point --backup-vault-name default --recovery-point-arn Multiple Regions $ regions=us-east-1,us-west-2; for region in $regions; do aws --region ${region} backup list-recovery-points-by-backup-vault --backup-vault-name default | jq '. [Read More]

Nginx + SSL/TLS through Let's Encrypt

Let’s Encrypt + Nginx is simple easy! Look, it’s 2020, and if your site isn’t provided under SSL/TLS then you are behind even the least sophisticated scammers out there. Here is a quick walk through on using certbot from Let’s Encrypt, that provides easy to acquire, and even renew your certificates if you’re using Nginx. NOTE: These directions are geared toward Fedora users, but this is literally just as easy on Ubuntu, Arch, Gentoo, etc. [Read More]