Archives for May 2019

Certbot AWS Renewals

May 27, 2019 by Ulysses

Here are the instructions for renewing Certbot SSL certificates in AWS Certificate Manager. Certbot provides SSL certificates for free for 60 days and are auto-renewed before they expire. If you are using Certbot SSL certificates with CloudFront, you will need to reimport them to AWS Certificate Manager before expiration.

Get the latest SSL certificate by running “certbot certificates.”
Reimport the certificate in 3 parts.
- Certificate Body – the root or top portion of the full chain
- Certificate Private key – the private key
- Certificate chain – the entire full chain containing multiple certificates
Click Save. Check expiration.

You’ll need to update the certificate before the next expiration date.

Differences between AWS, Azure and GCP

May 26, 2019 by Ulysses

Here’s a side by side comparison of AWS vs. GCP, and AWS vs. Azure.

AWS Assume Role

May 23, 2019 by Ulysses

If you have multiple AWS accounts, you can gain additional permission by authorizing it to a different AWS account via IAM. Here’s the assume role documentation from AWS. And here are some documentation if you need to grant someone to switch accounts. If you are going to be using the AWS CLI, you will need to run “aws configure” to setup multiple profiles.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": "sts:AssumeRole",
            "Resource": [
                "arn:aws:iam::*:role/your-custom-role"
            ],
            "Effect": "Allow"
        }
    ]
}

Sublime Text Remove Tabs

May 20, 2019 by Ulysses

I keep forgetting this command. This is to remove tabs from multiple lines in Sublime Text.

Shift+Tab

AWS CLI Lightsail

May 19, 2019 by Ulysses

Get instance details

aws lightsail get-instance --instance-name your-server

Get instance state

aws lightsail get-instance-state --instance-name your-server

Create a snapshot

aws lightsail create-instance-snapshot \
--instance-snapshot-name your-server-new-snapshot-201905192200 \
--instance-name your-server

Create disk from snapshot

aws lightsail create-disk-from-snapshot \
--disk-name your-server-new-boot-disk \
--disk-name your-server-new-snapshot-201905192200 \
--availability-zone us-east-1a
--size-in-gb 50

Attach Disk

aws lightsail attach-disk \
--disk-name your-server-new-boot-disk \
--instance-name your-server \
--disk-path /dev/sda1

Create instance from snapshot

aws lightsail create-instance-snapshot \
--instance-snaphot-name your-server-new-snapshot-201905192200
--instance-name your-server

Attach Static IP Address

aws lightsail attach-static-ip \
--static-ip-name your-ip-name \
--instance-name your-server

Split Text into Columns in Excel

May 14, 2019 by Ulysses

How to Split Text into Columns in Excel.

Select the cell or column that contains the text you want to split.
Select Data > Text to Columns.
In the Convert Text to Columns Wizard, select Delimited > Next.
Select the Delimiters for your data. For example, Comma and Space.
You can see a preview of your data in the Data preview window.
Select Next.
Select the Column data format or use what Excel chose for you.
Select the Destination, which is where you want the split data to appear on your worksheet.
Select Finish.

Count Number of Files in Directory

May 14, 2019 by Ulysses

Get a count of the number of files in a directory.

# using ls
ls | wc -l
ls -Aq | wc -l
# include hidden files 
find . ! -name . -prune -print | grep -c /
find .//. ! -name . -print | grep -c //
# using tree if installed. yum install tree. apt-get install tree
tree

AWS Glacier Setup via S3

May 13, 2019 by Ulysses

You can setup AWS Glacier via S3 bucket replication. Create a S3 bucket and slap this bucket policy.

{
    "Version": "2012-10-17",
    "Id": "S3PolicyId1",
    "Statement": [
        {
            "Sid": "IPAllow",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::your-bucket-storage-name/*",
            "Condition": {
                "IpAddress": {
                    "aws:SourceIp": "10.0.0.0/8"
                }
            }
        },
        {
            "Sid": "DenyIncorrectEncryptionHeader",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::your-bucket-storage-name/*",
            "Condition": {
                "StringNotEquals": {
                    "s3:x-amz-server-side-encryption": "AES256"
                }
            }
        },
        {
            "Sid": "DenyUnEncryptedObjectUploads",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::your-bucket-name/*",
            "Condition": {
                "Null": {
                    "s3:x-amz-server-side-encryption": "true"
                }
            }
        }
    ]
}

Add this policy to your IAM user or role.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::your-bucket-name/*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:List*",
                "s3:Get*"
            ],
            "Resource": "arn:aws:s3:::*"
        }
    ]
}

Finally, add a lifecycle policy to move your files from Standard to Glacier storage type.