Terraform Notes

github search

AWS CLI Notes

cloudfront ec2 ecr elb ecs events kms sns s3 resourcegroupstaggingapi

Awk Notes

To format strings in awk use printf

Searching github with multiple topics.

Github.com ui .currently does not natively supoport search for multiple topic tags as of now. However their api allows you to query multiple tags. Below is a simple example to query github.com with ecs and go topic tags.

Setup env variables for VScode integrated terminal.

If you are working on a project that involves multiple aws profiles and vscode, this trick might come handy. Depending on the project you would like to make calls from vscode interated terminal to certail aws accounts. In order to do it you need to setup env var AWS_PROFILE on the current shell session. So in order to that in vscode simply create .vscode/settings.json in your projects root and append or add the following snippet. Depending on the os you might need to slightly use different settings.

Filter and delete s3 objects by date.

Filter and delete aws s3 object.

Search aws security groups for a given ip address.

For a given ip addres search the security groups that includes that ip address in their rules.

jq Cheat Sheet

To follow the examples you can download the sample json file. Generated via https://www.json-generator.com/#

Useful EC2 cli commands.

AWS Docs

Multi stage api gateway deployment with serverless framework.

Both serverless framework and api gateway has the concept of stages.

Useful aws cli rds commands i use often.

Get the full attributes of rds instances with its instancesidentifier

aws --profile=HA rds describe-db-instances --query 'DBInstances[?DBInstanceIdentifier==`evox-dev`]'

Some useful cloudtrail commands i use often.

AWS Docs

TIL -AWS has a nice api endpoint to get its ip ranges.

Not only you can query by service but also you can get notification of any changes to ip ranges by subscribing to SNS AmazonIpSpaceChanged. source

Setting up SQS as event source with serverless and cloudformation.

AWS recently announced SQS as an event source for lambda functions. This is now GA and looks like there is already a pr for it to to be soon implemened in serverless framework as well.

Useful github search queries

Search a npm package that is used in a project. This is useful to get ideas of how package is setup and used. github
rbac filename:package.json
Search repos with more than 100 stars. github

Server-Side Encryption with Customer-Provided Encryption Keys

Per AWS docs requirements for encryptions are: https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html

Encrypting files with rsa key pairs.

My day job i use ssh… alot. When you manage hundreds of servers with mission critical infastructure running on passswordless login with ssh keys can be huge time saver. I also take security pretty seriously when it comes to store sensitive information and always looking to find better ways to store sensitive information securely and also in a convenient way for it to be not cumbersome. With that thought combining ssh keys to encrypt/decrypt files made quite sense so here is a quick write up to do it for anyone else that are interested in it.

Save screenshot to clipboard on OSX

Screenshots are saved as .png files on the desktop in Mac OS X v10.6 and later. They’re automatically named “Screen Shot date at time .png.” To save your screenshot to the Clipboard instead of a file on your desktop, use

Command-Shift-Control-4

.

OpenVpn Setup with Docker

This is a basic summary of excellent tutorial from Digital Ocean on how to setup OpenVpn with Docker.

Bastion Host Setup for CoreOS

A common server access pattern is to prevent any connection to your production servers from outside of their private subnet, and use a bastion host to access the private subnet. This pattern is very useful when you want to limit; for example ssh access, from only within the network.