Archives for April 2020

SSSD Leave Domain

April 30, 2020

Here’s how to unjoin or leave the domain via SSSD.

realm leave domain.com

AWS S3 Sync Between Accounts

April 29, 2020

Here’s how to sync S3 buckets between 2 different AWS accounts. Assuming buckets are already created.

Setup bucket permissions in Account A
Setup IAM user with permissions in Account B
Setup bucket permissions in Account B
Run S3 sync from Account B.

Account A bucket permissions. Account and user are from Account B.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "DelegateS3Access",
            "Effect": "Allow",
            "Principal": {"AWS": "arn:aws:iam::222222222222:user/Jane"},
            "Action": ["s3:ListBucket","s3:GetObject"],
            "Resource": [
                "arn:aws:s3:::awsexamplesourcebucket/*",
                "arn:aws:s3:::awsexamplesourcebucket"
            ]
        }
    ]
}

Create IAM user (Jane) in Account B

aws iam create-user --user-name Jane

Give IAM user (Jane) access to both buckets.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:GetObject"
            ],
            "Resource": [
                "arn:aws:s3:::awsexamplesourcebucket",
                "arn:aws:s3:::awsexamplesourcebucket/*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:PutObject",
                "s3:PutObjectAcl"
            ],
            "Resource": [
                "arn:aws:s3:::awsexampledestinationbucket",
                "arn:aws:s3:::awsexampledestinationbucket/*"
            ]
        }
    ]
}

Sync the buckets

aws s3 sync s3://awsexamplesourcebucket s3://awsexampledestinationbucket

AWS CLI AutoScaler Update

April 27, 2020

Here’s the AWS CLI command to set the Auto Scaling Group to a certain number for the minimum, maximum, and desired number of instances.

#!/bin/bash
# Format:  
# ./autoscaling.sh 3
# ./autoscaling.sh 0
int=$1
aws autoscaling update-auto-scaling-group \
--auto-scaling-group-name your-auto-scaling-group \
--min-size $int \
--max-size $int \
--desired-capacity $int \
--region us-east-2

Format:

./autoscaling.sh 0
./autoscaling.sh 3

MySQL SSL Connection

April 27, 2020

The standard way to connect to MySQL is:

mysql -h hostname -u user -p

Here’s how to connect to MySQL with SSL encryption.

mysql -h hostname -u user -p \
--ssl-ca=server-ca.pem \
--ssl-cert=client-cert.pem \
--ssl-key=client-key.pem

Generate the SSL keys from the MySQL server. Download it to the client.

MySQL Restore

April 26, 2020

Here’s how to restore a MySQL database from mysqldump.

mysql -u user -p
mysql> drop database databasename;
mysql> quit;
Bye
mysql -u user -p databasename < filename.sql

Drop database first, then import the SQL file.