This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-- src https://docs.aws.amazon.com/athena/latest/ug/vpc-flow-logs-parquet.html | |
CREATE EXTERNAL TABLE IF NOT EXISTS tgw_flow_logs ( | |
version int, | |
account_id string, | |
interface_id string, | |
srcaddr string, | |
dstaddr string, | |
srcport int, | |
dstport int, | |
protocol bigint, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
PORTALBASE=https://portal.sso.ap-southeast-2.amazonaws.com | |
REGION=ap-southeast-2 | |
headers="-H 'X-Amz-Sso-Bearer-Token: $TOKEN' -H 'x-amz-sso_bearer_token: $TOKEN'" | |
if [ -z "$TOKEN" ]; then | |
echo "Must set $TOKEN before running. Get it from browser login to sso portal, and check header for x-amz-sso_bearer_token" | |
return 1 | |
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Define the provider and region | |
provider "aws" { | |
region = "ap-southeast-2" | |
} | |
variable "username" { | |
} | |
variable "password" {} | |
# Get the default VPC | |
data "aws_vpc" "default" { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
import sys | |
import datetime | |
import json | |
import uuid | |
''' | |
# Description | |
Convert tfsec json output to gitlab sast json format | |
TFSec https://github.com/aquasecurity/tfsec |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Check if the host argument is provided | |
if [ -z "$1" ]; then | |
echo "Usage: $0 host" | |
exit 1 | |
fi | |
# Get the host name | |
host=$1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
CREATE EXTERNAL TABLE IF NOT EXISTS vpc_flow_logs ( | |
version int, | |
account string, | |
interfaceid string, | |
sourceaddress string, | |
destinationaddress string, | |
sourceport int, | |
destinationport int, | |
protocol int, | |
numpackets int, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
# run neo4j locally with e.g. docker run --rm -ti -p 7474:7474 -p7687:7687 --env NEO4J_AUTH=none neo4j | |
# athena table should be created per https://gist.github.com/rdkls/4d2228795b3a64d9a728f94e1441222f | |
from pyathena import connect | |
from neo4j import GraphDatabase | |
import threading | |
from halo import Halo # Import halo lib | |
# Define connection parameters |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://docs.aws.amazon.com/network-firewall/latest/developerguide/firewall-logging.html | |
BUT add "alert" data which is super important when trying to troubleshoot which rule is blocking | |
CREATE EXTERNAL TABLE `nfw_logs`( | |
`firewall_name` string COMMENT 'from deserializer', | |
`availability_zone` string COMMENT 'from deserializer', | |
`event_timestamp` bigint COMMENT 'from deserializer', | |
`event` struct< | |
timestamp:string, | |
flow_id:bigint, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# brew install session-manager-plugin | |
# Bootstrap your ssh key to ec2 instance, then start ssh session over ssm to it | |
# Since it's plain ssh can then e.g. port forward and all the funky stuff | |
Host i-* mi-* ssm-jumphost | |
User ec2-user | |
IdentityFile ~/.ssh/nick-doyle-slalom-lab-ed25519 | |
ProxyCommand sh -c "aws ec2-instance-connect send-ssh-public-key --instance-id %h --ssh-public-key '$(cat ~/.ssh/nick-doyle-slalom-lab-ed25519.pub)' --instance-os-user ec2-user; aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Fix Github Co-pilot self-signed cert problem | |
# See: https://github.com/orgs/community/discussions/8866#discussioncomment-3517831 | |
# The script is modified to handle .vscode-server too (in WSL2) | |
fix_github_copilot() { | |
patch_ext() { | |
_VSCODEDIR=$1 | |
_EXTENSIONSPATH="$HOME/${_VSCODEDIR}/extensions" | |
_RE=$2 |
NewerOlder