Uly.me

cloud engineer

Archives for January 2020

Standard S3 Policy

Here’s a standard S3 policy to grant an IAM user access to a bucket within an AWS account. User is allowed to add, update, and delete objects. These 3 actions s3:ListAllMyBuckets, s3:GetBucketLocation, and s3:ListBucket are the additional permissions required to access the console. Also, the s3:PutObjectAcl and the s3:GetObjectAcl actions are required to be able to copy, cut, and paste objects within the console. 

{
   "Version":"2012-10-17",
   "Statement":[
      {
         "Effect":"Allow",
         "Action":[
            "s3:ListAllMyBuckets"
         ],
         "Resource":"arn:aws:s3:::*"
      },
      {
         "Effect":"Allow",
         "Action":[
            "s3:ListBucket",
            "s3:GetBucketLocation"
         ],
         "Resource":"arn:aws:s3:::examplebucket"
      },
      {
         "Effect":"Allow",
         "Action":[
            "s3:PutObject",
            "s3:PutObjectAcl",
            "s3:GetObject",
            "s3:GetObjectAcl",
            "s3:DeleteObject"
         ],
         "Resource":"arn:aws:s3:::examplebucket/*"
      }
   ]
}

WordPress Permalinks Not Working

Here’s a couple of things you can do to check if WordPress permalinks is not working.

  1. Make sure .htaccess has the right permissions.
  2. Make sure a2enmod Apache module is enabled.
  3. Restart the Apache server.
chmod 664 /var/www/domain.com/.htaccess
a2enmod rewrite
systemctl restart apache2

Set Linux Time Zone

Here’s another way of setting Linux time zone.

Check server time.

# check server time
date

Change to local time.

# set to local time
rm /etc/localtime
ln -s /usr/share/zoneinfo/America/Los_Angeles /etc/localtime

Check server time again.

# check server time again
date

Bash Convert Bytes

Here’s a function to convert bytes into kilo, mega, giga, tera up to zeta bytes.

function convert_bytes {
    bytes=$credits
    b=${bytes:-0}; d=''; s=0; S=(Bytes {K,M,G,T,E,P,Y,Z}B)
    while ((b > 1024)); do
        d="$(printf ".%02d" $((b % 1000 * 100 / 1000)))"
        b=$((b / 1000))
        let s++
    done
    echo "$b$d ${S[$s]}"
}
credits=2308974418330
echo $credits 
convert_bytes $credits

Result is:

2308974418330
2.30 TB

Tasksel Lampserver

Tasksel is a Debian/Ubuntu tool that installs multiple related packages as a co-ordinated “task” onto your system. It’s similar to meta-packages where tasks are dericed from from Ubuntu package managers like Synaptic or KPackageKit.

Here’s a quickway to install a lamp server.

# install tasksel first if you don't have it.
apt install tasksel
# install a lamp server package
tasksel install lamp-server

WordPress Salt

Here’s a quick way to autogenerate salt for WordPress.

curl -s https://api.wordpress.org/secret-key/1.1/salt/

Google SDK Install on Debian or Ubuntu

Here’s the script.

echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] \
  https://packages.cloud.google.com/apt cloud-sdk main" | \
  sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
sudo apt-get install apt-transport-https ca-certificates
sudo curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | \
  sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add -
sudo apt-get update && sudo apt-get install google-cloud-sdk

AWS Display IAM Certificates

SSL certificates were uploaded to IAM prior to Certificate Manager. Unfortunately, the certificates are not visible from the IAM console. There’s no way to view when a certificate is expiring. So, here’s how to display IAM certificates from the AWS CLI.

aws iam list-server-certificates