• Skip to main content

Uly.me

cloud engineer

  • Home
  • About
  • Search

Cloud

GCP VM Display Label

July 12, 2023

Here’s how to display GCP VM labels.

Display all labels.

gcloud compute instances describe VM --zone ZONE --project PROJECT_ID --format="value(labels)"

gcloud compute instances describe VM --zone ZONE --project PROJECT_ID --format="value(labels)"

Display a specific label.

gcloud compute instances describe VM --zone ZONE --project PROJECT_ID --format="value(labels.key)"

gcloud compute instances describe VM --zone ZONE --project PROJECT_ID --format="value(labels.key)"

Filed Under: Cloud Tagged With: display, gcp, labels, vm

GCP Adding Labels To Snapshots

July 1, 2023

Here’s how to add labels to snapshots. It will cycle through from a list of disks.

#!/bin/bash
ts=$(date +%Y%m%d-%H%M%S)
log="add-labels-logs-$ts"
>$log
disks='manual-disks.txt'
now=$(date +%s)
epoch=$(date +%s -d "+14 days")
while read -r project snapshot; do
   echo "Project: $project"
   gcloud compute snapshots add-labels $snapshot --labels=delete-after=$epoch --project $project
done < $disks

#!/bin/bash ts=$(date +%Y%m%d-%H%M%S) log="add-labels-logs-$ts" >$log disks='manual-disks.txt' now=$(date +%s) epoch=$(date +%s -d "+14 days") while read -r project snapshot; do echo "Project: $project" gcloud compute snapshots add-labels $snapshot --labels=delete-after=$epoch --project $project done < $disks

Filed Under: Cloud Tagged With: add, gcp, labels, snapshots

AWS Terraform Create Policy and Attach

June 21, 2023

Here’s the Terraform code that creates an AWS IAM policy and attaches it to an existing role (ROLENAME).

# CREDENTIALS
provider "aws" {
  shared_credentials_files = ["~/.aws/credentials"]
  shared_config_files      = ["~/.aws/config"]
  profile                  = "default"
  region                   = "us-east-1"
}
# CREATE POLICY
resource "aws_iam_policy" "s3-policy" {
    name        = "s3-policy"
    description = "Allow role to write to bucket"
    policy = "${file("policy.json")}"
}
# ATTACH POLICY TO ROLE
resource "aws_iam_role_policy_attachment" "s3-policy-attachment" {
  role       = "ROLENAME"
  policy_arn = aws_iam_policy.s3-policy.arn
}

# CREDENTIALS provider "aws" { shared_credentials_files = ["~/.aws/credentials"] shared_config_files = ["~/.aws/config"] profile = "default" region = "us-east-1" } # CREATE POLICY resource "aws_iam_policy" "s3-policy" { name = "s3-policy" description = "Allow role to write to bucket" policy = "${file("policy.json")}" } # ATTACH POLICY TO ROLE resource "aws_iam_role_policy_attachment" "s3-policy-attachment" { role = "ROLENAME" policy_arn = aws_iam_policy.s3-policy.arn }

Here’s the policy.json file.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:PutObjectAcl",
                "s3:ListBucket",
                "s3:GetBucketLocation",
                "s3:GetObject",
                "s3:GetObjectAcl",
                "s3:DeleteObject"
             ],
            "Resource":"arn:aws:s3:::your-bucket/*"
            }
        }
    ]
}

{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "s3:PutObject", "s3:PutObjectAcl", "s3:ListBucket", "s3:GetBucketLocation", "s3:GetObject", "s3:GetObjectAcl", "s3:DeleteObject" ], "Resource":"arn:aws:s3:::your-bucket/*" } } ] }

Filed Under: Cloud Tagged With: aws, policies, roles, terraform

  • « Go to Previous Page
  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to page 4
  • Go to page 5
  • Interim pages omitted …
  • Go to page 127
  • Go to Next Page »
  • Home
  • About
  • Search

Copyright © 2023