Archives for December 2021

zip multiple files into one zip

December 31, 2021

How to zip multiple files into one zip file.

Using zip.

zip test.zip *.txt

Using tar.

tar cvzf test.tar.gz *.txt

Untar in current directory or specify another directory.

tar xvzf test.tar.gz .
tar xvzf test.tar.gz -C /path/to/dir

Install latest Sublime Text

December 31, 2021

How to install the latest version of the Sublime Text editor on Ubuntu or Mint.

wget -qO - https://download.sublimetext.com/sublimehq-pub.gpg | sudo apt-key add -
sudo apt-get install apt-transport-https
echo "deb https://download.sublimetext.com/ apt/stable/" | sudo tee /etc/apt/sources.list.d/sublime-text.list
sudo apt-get update
sudo apt-get install sublime-text

It will add the sublime-text.list file in /etc/apt/sources.list.d directory.

AWS CloudFormation Security Group

December 29, 2021

AWS CloudFormation to create security groups. Includes self-refencing ingress and egress rules.

AWSTemplateFormatVersion: '2010-09-09'
Description: my-security-groups
######################################
Parameters:
  EC2Vpc:
    ConstraintDescription: Must be a valid VpcId
    Description: Select the VPC to use
    Type: AWS::EC2::VPC::Id
##############################################################################
Metadata:
  AWS::CloudFormation::Interface:
    ParameterGroups:
    - Label:
        default: VPC
      Parameters:
      - EC2Vpc
##############################################################################
Resources:
  EC2InstanceSecurityGroup1:
    Type: AWS::EC2::SecurityGroup
    Properties:
      VpcId: 
        Ref: EC2Vpc
      GroupDescription: my-security-group-1
      GroupName: my-security-group-1
      SecurityGroupIngress:
        - {CidrIp: 10.0.0.0/8,                        IpProtocol: tcp,  FromPort: '80',      ToPort: '80',    Description: 'HTTP'}  
      SecurityGroupEgress:
        - {CidrIp: 10.0.0.0/8,                        IpProtocol: udp,  FromPort: '123',     ToPort: '123',   Description: 'NTP'}  
        - {CidrIp: 10.0.0.0/8,                        IpProtocol: tcp,  FromPort: '53',      ToPort: '53',    Description: 'DNS'}
      Tags:
        - {Key: Name,         Value: 'my-security-group-1'}
  EC2InstanceSecurityGroup2:
    Type: AWS::EC2::SecurityGroup
    Properties:
      VpcId: 
        Ref: EC2Vpc
      GroupDescription: my-security-group-2
      GroupName: my-security-group-2
      SecurityGroupIngress:
        - {CidrIp: 0.0.0.0/0,                        IpProtocol: tcp,  FromPort: '443',     ToPort: '443',   Description: 'HTTP'}  
        - {CidrIp: 0.0.0.0/0,                        IpProtocol: icmp, FromPort: '-1',      ToPort: '-1',    Description: 'ICMP ping'}
      SecurityGroupEgress:
        - {CidrIp: 10.0.0.0/8,                       IpProtocol: udp,  FromPort: '123',     ToPort: '123',   Description: 'NTP'}  
        - {CidrIp: 10.0.0.0/8,                       IpProtocol: tcp,  FromPort: '53',      ToPort: '53',    Description: 'DNS'}
        - {CidrIp: 0.0.0.0/0,                        IpProtocol: icmp, FromPort: '-1',      ToPort: '-1',    Description: 'ICMP ping'}
      Tags:
        - {Key: Name,         Value: 'my-security-group-2'}
  MyIngressSelfAll:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !Ref EC2InstanceSecurityGroup2
      SourceSecurityGroupId: !GetAtt EC2InstanceSecurityGroup2.GroupId
      IpProtocol: -1
      FromPort: 0
      ToPort: 65535
  MyEgressSelfAll:
    Type: AWS::EC2::SecurityGroupEgress
    Properties: 
      GroupId: !Ref EC2InstanceSecurityGroup2
      DestinationSecurityGroupId: !GetAtt EC2InstanceSecurityGroup2.GroupId
      IpProtocol: -1 
      FromPort: 0
      ToPort: 65535
##############################################################################
Outputs:
  SecurityGroupId:
    Description: The Security Group that was created
    Value: {Ref: EC2InstanceSecurityGroup1}
    Value: {Ref: EC2InstanceSecurityGroup2}
  StackName:
    Description: Name of this stack for Fn::ImportValue use by children of top level stack
    Value: {Ref: 'AWS::StackName'}

AWSTemplateFormatVersion: '2010-09-09' Description: my-security-groups ###################################### Parameters: EC2Vpc: ConstraintDescription: Must be a valid VpcId Description: Select the VPC to use Type: AWS::EC2::VPC::Id ############################################################################## Metadata: AWS::CloudFormation::Interface: ParameterGroups: - Label: default: VPC Parameters: - EC2Vpc ############################################################################## Resources: EC2InstanceSecurityGroup1: Type: AWS::EC2::SecurityGroup Properties: VpcId: Ref: EC2Vpc GroupDescription: my-security-group-1 GroupName: my-security-group-1 SecurityGroupIngress: - {CidrIp: 10.0.0.0/8, IpProtocol: tcp, FromPort: '80', ToPort: '80', Description: 'HTTP'} SecurityGroupEgress: - {CidrIp: 10.0.0.0/8, IpProtocol: udp, FromPort: '123', ToPort: '123', Description: 'NTP'} - {CidrIp: 10.0.0.0/8, IpProtocol: tcp, FromPort: '53', ToPort: '53', Description: 'DNS'} Tags: - {Key: Name, Value: 'my-security-group-1'} EC2InstanceSecurityGroup2: Type: AWS::EC2::SecurityGroup Properties: VpcId: Ref: EC2Vpc GroupDescription: my-security-group-2 GroupName: my-security-group-2 SecurityGroupIngress: - {CidrIp: 0.0.0.0/0, IpProtocol: tcp, FromPort: '443', ToPort: '443', Description: 'HTTP'} - {CidrIp: 0.0.0.0/0, IpProtocol: icmp, FromPort: '-1', ToPort: '-1', Description: 'ICMP ping'} SecurityGroupEgress: - {CidrIp: 10.0.0.0/8, IpProtocol: udp, FromPort: '123', ToPort: '123', Description: 'NTP'} - {CidrIp: 10.0.0.0/8, IpProtocol: tcp, FromPort: '53', ToPort: '53', Description: 'DNS'} - {CidrIp: 0.0.0.0/0, IpProtocol: icmp, FromPort: '-1', ToPort: '-1', Description: 'ICMP ping'} Tags: - {Key: Name, Value: 'my-security-group-2'} MyIngressSelfAll: Type: AWS::EC2::SecurityGroupIngress Properties: GroupId: !Ref EC2InstanceSecurityGroup2 SourceSecurityGroupId: !GetAtt EC2InstanceSecurityGroup2.GroupId IpProtocol: -1 FromPort: 0 ToPort: 65535 MyEgressSelfAll: Type: AWS::EC2::SecurityGroupEgress Properties: GroupId: !Ref EC2InstanceSecurityGroup2 DestinationSecurityGroupId: !GetAtt EC2InstanceSecurityGroup2.GroupId IpProtocol: -1 FromPort: 0 ToPort: 65535 ############################################################################## Outputs: SecurityGroupId: Description: The Security Group that was created Value: {Ref: EC2InstanceSecurityGroup1} Value: {Ref: EC2InstanceSecurityGroup2} StackName: Description: Name of this stack for Fn::ImportValue use by children of top level stack Value: {Ref: 'AWS::StackName'}

AWS Copy Security Group

December 28, 2021

You can copy rules from a security group to a new security group created within the same Region.

Open the Amazon Elastic Compute Cloud (Amazon EC2) console.

In the navigation pane, choose Security Groups.
Select the security group you’d like to copy.
For Actions, choose Copy to new.
The Create Security Group dialog opens, and is populated with the rules from your existing security group.
Specify a Security group name and Description for your new security group.
For VPC, choose the ID of the VPC.
Choose Create.

AWS Move Instance to Another Zone

December 23, 2021

Here’s how to move an AWS instance to another zone.

Stop the instance first.

aws ec2 stop-instances --instance-ids i-1234567890abcdef0

Create an AMI image.

aws ec2 create-image \
--instance-id i-1234567890abcdef0 \
--name "my-ami" \
--description "my-ami"

Create EC2 instance using Terraform. The contents of main.tf.

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }
}
provider "aws" {
  profile = "default"
  region  = "us-east-1"
}
resource "aws_instance" "ulysses" {
  ami                           = "ami-1234567890abcdef0"
  key_name                      = "servers"
  iam_instance_profile          = "machine-role"
  instance_type                 = "t3.micro"
  subnet_id                     = "subnet-1234567890abcdef0"
  security_groups               = ["sg-1234567890abcdef0", "sg-1234567890abcdef1"]
  tags = {
    Name = "moving-instance"
    tag1 = "test1"
    tag2 = "test2"
  }
}

Launch it.

terraform init
terraform plan
terraform apply