aws – Page 2

April 27, 2020

AWS CLI AutoScaler Update

Here’s the AWS CLI command to set the Auto Scaling Group to a certain number for the minimum, maximum, and desired number of instances.

#!/bin/bash
# Format:  
# ./autoscaling.sh 3
# ./autoscaling.sh 0
int=$1
aws autoscaling update-auto-scaling-group \
--auto-scaling-group-name your-auto-scaling-group \
--min-size $int \
--max-size $int \
--desired-capacity $int \
--region us-east-2

Format:

./autoscaling.sh 0
./autoscaling.sh 3

April 21, 2020

WAF CloudFormation Template

Here’s the CloudFormation template for creating a WAF.

Here are some options that you’ll be asked during creation.

Activate SQL Injection Protection ( yes | no )
Activate Cross-site Scripting Protection ( yes | no )
Activate HTTP Flood Protection ( WAF rate | Lambda log parser | Athena log parser | no )
Activate Scanner & Probe Protection ( Lambda log parser | Athena log parser | no )
Activate Reputation List Protection ( yes | no )
Activate Bad Bot Protection ( yes | no )
Endpoint Type (CloudFront or ALB)
Application Access Log Bucket Name ( Leave blank if no S3 bucket)

The template creates 2 CloudFormation stacks.

April 17, 2020

AWS WAF IP Set

Here’s how to get the WAF rule.

aws waf-regional get-rule \
--rule-id xxxxxxxxxxxxxxxxxxxxxxxxxxx

Here’s how to get the AWS WAF IP set.

aws waf-regional get-ip-set \
--ip-set-id xxxxxxxxxxxxxxxxxxx \
--region us-east-1 \
--profile your-profile

Here’s how to get the latest token.

aws waf-regional get-change-token

Result is similar to this.

{
    "ChangeToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}

Create a JSON file called “change.json” to be used for updating the IP set. We will insert and delete an IP set.

[
    {
        "Action": "INSERT",
        "IPSetDescriptor":
        {
            "Type": "IPV4",
            "Value": "12.34.56.78/24"
        }
    },
    {
        "Action": "DELETE",
        "IPSetDescriptor":
        {
            "Type": "IPV6",
            "Value": "1111:0000:0000:0000:0000:0000:0000:0111/128"
        }
    }
]

Finally, here’s how to update the IP set.

aws waf-regional update-ip-set \
--ip-set-id xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx \
--change-token xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx \
--region us-east-1 \
--profile default \
--updates file://change.json

AWS CLI AutoScaler Update

WAF CloudFormation Template

Cloud

Linux

Git