cloud engineer
Here’s how to make a hostname stick on Amazon Linux.
Set preserve_hostname to true in /etc/cloud/cloud.cfg.
preserve_hostname: true |
preserve_hostname: true
Set the hostname in /etc/sysconfig/network.
HOSTNAME=server.domain.com NETWORKING=yes NOZEROCONF=yes |
HOSTNAME=server.domain.com NETWORKING=yes NOZEROCONF=yes
Reboot the server to make sure hostname sticks after a reboot.
shutdown -r now |
shutdown -r now
Login to confirm hostname sticks.
Here’s how to enable performance insights on a RDS instance.
Enable
aws rds modify-db-instance \ --db-instance-identifier sample-db-instance \ --enable-performance-insights \ --region us-east-1 \ --profile default |
aws rds modify-db-instance \ --db-instance-identifier sample-db-instance \ --enable-performance-insights \ --region us-east-1 \ --profile default
Disable
aws rds modify-db-instance \ --db-instance-identifier sample-db-instance \ --no-enable-performance-insights \ --region us-east-1 \ --profile default |
aws rds modify-db-instance \ --db-instance-identifier sample-db-instance \ --no-enable-performance-insights \ --region us-east-1 \ --profile default
Here’s a script to list Auto Scaling Groups from multiple AWS accounts. Accounts are in your AWS profiles.
#!/bin/bash file='results-aws-asg.txt' > $file declare -a account=("default" "account-1" "account-2" "account-3" "account-4" "account-5") declare -a region=("us-east-1" "us-east-2" "us-west-1" "us-west-2") for i in "${account[@]}" do echo '----------------------' >> $file echo 'Account: '$i >> $file for j in "${region[@]}" do echo 'Region: '$j >> $file aws autoscaling describe-auto-scaling-groups \ --query "AutoScalingGroups[].[AutoScalingGroupName,LaunchConfigurationName]" \ --profile $i \ --region $j \ --output text >> $file done done |
#!/bin/bash file='results-aws-asg.txt' > $file declare -a account=("default" "account-1" "account-2" "account-3" "account-4" "account-5") declare -a region=("us-east-1" "us-east-2" "us-west-1" "us-west-2") for i in "${account[@]}" do echo '----------------------' >> $file echo 'Account: '$i >> $file for j in "${region[@]}" do echo 'Region: '$j >> $file aws autoscaling describe-auto-scaling-groups \ --query "AutoScalingGroups[].[AutoScalingGroupName,LaunchConfigurationName]" \ --profile $i \ --region $j \ --output text >> $file done done
Here’s my Bash script to login to both AWS and GCP. It has a little bit of intelligence. It checks if you are already logged in, and skips if you are. If not logged in, it will open up the cloud web console which is protected by Okta. The script has been redacted and replace with generic usernames and web pages for security reasons.
#!/bin/bash ## CHECK IF LOGGED IN TO GCP read -p "Login to GCP? (y/n) : " login_gcp if [[ $login_gcp = "y" ]]; then file1="/Users/username/code/etc/auth-gcp.txt" gcloud auth print-identity-token 1> /dev/null 2> $file user=$(gcloud config list account --format "value(core.account)") auth=$(cat "$file" | head -n 1) rm -f $file1 if [[ $auth == "Reauthentication required." ]] || [[ $user != "first.last@domain.com" ]]; then echo "Logging in to Google Cloud Platform." gcloud auth login gcloud auth application-default login open https://okta-login else echo "You are already logged in to Google Cloud Platform." fi else echo "Skipping GCP ... " fi ## CHECK IF LOGGED IN TO AWS read -p "Login to AWS? (y/n) : " login_aws if [[ $login_aws = "y" ]]; then file2=""/Users/username/code/etc/auth-aws.txt"" aws sts get-caller-identity 2> $file2 expired=$(tail -n +2 "$file2") rm -f $file2 if [[ $expired =~ "expired" ]] || [[ $expired =~ "Unable" ]]; then open https://okta-login echo "please wait until web page loads ... " read -p "Press any key to continue... " -n1 -s echo "" basecred='/Users/username/.aws/credentials.base' newcreds='/Users/username/Downloads/credentials' creds='/Users/username/.aws/credentials' if [ ! -f $newcreds ]; then echo 'No AWS credentials.' exit else cat $newcreds $basecred > $creds echo 'New AWS credentials.' sleep 3 rm -f $newcreds fi else echo "You are already logged in to AWS." fi else echo "Skipping AWS ... " fi |
#!/bin/bash ## CHECK IF LOGGED IN TO GCP read -p "Login to GCP? (y/n) : " login_gcp if [[ $login_gcp = "y" ]]; then file1="/Users/username/code/etc/auth-gcp.txt" gcloud auth print-identity-token 1> /dev/null 2> $file user=$(gcloud config list account --format "value(core.account)") auth=$(cat "$file" | head -n 1) rm -f $file1 if [[ $auth == "Reauthentication required." ]] || [[ $user != "first.last@domain.com" ]]; then echo "Logging in to Google Cloud Platform." gcloud auth login gcloud auth application-default login open https://okta-login else echo "You are already logged in to Google Cloud Platform." fi else echo "Skipping GCP ... " fi ## CHECK IF LOGGED IN TO AWS read -p "Login to AWS? (y/n) : " login_aws if [[ $login_aws = "y" ]]; then file2=""/Users/username/code/etc/auth-aws.txt"" aws sts get-caller-identity 2> $file2 expired=$(tail -n +2 "$file2") rm -f $file2 if [[ $expired =~ "expired" ]] || [[ $expired =~ "Unable" ]]; then open https://okta-login echo "please wait until web page loads ... " read -p "Press any key to continue... " -n1 -s echo "" basecred='/Users/username/.aws/credentials.base' newcreds='/Users/username/Downloads/credentials' creds='/Users/username/.aws/credentials' if [ ! -f $newcreds ]; then echo 'No AWS credentials.' exit else cat $newcreds $basecred > $creds echo 'New AWS credentials.' sleep 3 rm -f $newcreds fi else echo "You are already logged in to AWS." fi else echo "Skipping AWS ... " fi
Here’s another script that creates a volume from a snapshot, but also add the tags.
#!/bin/bash read -p "server : " server read -p "volumeId : " volume read -p "snapshotId : " snapshot read -p "region : " region read -p "zone : " zone read -p "profile : " profile # get tags tags1=$(aws ec2 describe-volumes --volume-ids $volume --query 'Volumes[].Tags[]' --region $region --profile $profile) # remove quotes tags2=$(echo "$tags1" | tr -d '"') # remove spaces tags3=$(echo $tags2 | sed 's/ //g') # replace : with = tags4=$(echo $tags3 | sed 's/:/=/g') # if empty value replace with quotes tags5=$(echo $tags4 | sed 's/Value=}/Value=""}/g') # create volume aws ec2 create-volume \ --availability-zone $zone \ --encrypted \ --iops 3000 \ --volume-type gp3 \ --snapshot-id $snapshot \ --tag-specifications 'ResourceType=volume,Tags='$tags5'' \ --region $region \ --profile $profile |
#!/bin/bash read -p "server : " server read -p "volumeId : " volume read -p "snapshotId : " snapshot read -p "region : " region read -p "zone : " zone read -p "profile : " profile # get tags tags1=$(aws ec2 describe-volumes --volume-ids $volume --query 'Volumes[].Tags[]' --region $region --profile $profile) # remove quotes tags2=$(echo "$tags1" | tr -d '"') # remove spaces tags3=$(echo $tags2 | sed 's/ //g') # replace : with = tags4=$(echo $tags3 | sed 's/:/=/g') # if empty value replace with quotes tags5=$(echo $tags4 | sed 's/Value=}/Value=""}/g') # create volume aws ec2 create-volume \ --availability-zone $zone \ --encrypted \ --iops 3000 \ --volume-type gp3 \ --snapshot-id $snapshot \ --tag-specifications 'ResourceType=volume,Tags='$tags5'' \ --region $region \ --profile $profile