Archives for June 2021

Sudoers File Explained

June 30, 2021

You are probably wondering how the sudoers file works. Here’s a simple explanation.

Command

username host=(user:group) tag:commands

Explanation

- username – the specified user allowed to run commands.
- host – the specified host the command is allowed to run.
- user – specifies which users can use the command.
- group – specifies which groups can run the command.
- tag – the option allowed. NOPASSWD
- command – the command allowed to run.

Examples

root    ALL=(ALL) ALL
username ALL=(ALL) ALL
john test=(ALL) NOPASSWD: /bin/useradd
jane ALL=(sales) NOPASSWD: /bin/sh
%sudo ALL=(ALL) ALL
%adgroup ALL=(ALL) ALL

Copy S3 To Another Region

June 22, 2021

Buckets are regional. Your source and destination buckets should be in different regions.

aws s3 sync s3://DOC-EXAMPLE-BUCKET-SOURCE s3://DOC-EXAMPLE-BUCKET-TARGET

Use the sync command. It will copy new or modified files.

GCP Create SSL Certificate

June 13, 2021

gcloud compute ssl-certificates create certificate-name \
--description="ssl cert for domain-name.com" \
--domains=domain-name.com \
--certificate=certificate-file \
--private-key=private-key \
--region=us-central1-c \
--global

GCP Update Instance Metadata

June 13, 2021

How to update an instance metadata in GCP.

gcloud compute instances add-metadata instance-name \
--metadata key-name=value \
--project your-project-id \
--zone us-central1-a

In this example, we are adding enable-oslogin=TRUE.

gcloud compute instances add-metadata instance-name \
--metadata enable-oslogin=TRUE \
--project your-project-id \
--zone us-central1-a

GCP Reserve Alias IP

June 13, 2021

Make an IP alias reservation.

gcloud compute instances network-interfaces update instance-name \
--zone us-central1-c \
--aliases default:/32 \
--project project-id