Uly.me

cloud engineer

  • Home
  • About
  • Archives
Home/Archives for delete

January 6, 2021

Linux Delete User

Here’s how to delete a Linux user.

userdel username

userdel username

Delete user and the home directory.

userdel -f username

userdel -f username

October 29, 2020

GCP SSL Certificates

Here’s how to create a regional SSL Certificate.

gcloud compute ssl-certificates create my-ssl-cert \
--description "describe ssl certificate" \
--domains=domain1.com,domain2.com \
--certificate=cert.pem \
--private-key=private.key \
--region=us-central1

gcloud compute ssl-certificates create my-ssl-cert \ --description "describe ssl certificate" \ --domains=domain1.com,domain2.com \ --certificate=cert.pem \ --private-key=private.key \ --region=us-central1

List the SSL certificates.

gcloud compute ssl-certificates list --project=project-id

gcloud compute ssl-certificates list --project=project-id

Describe the SSL certificate.

gcloud compute ssl-certificates describe my-ssl-cert \
--region=us-central1 \
--project=project-id

gcloud compute ssl-certificates describe my-ssl-cert \ --region=us-central1 \ --project=project-id

Delete SSL certificate.

gcloud compute ssl-certificates delete my-ssl-cert \
--region=us-central1 \
--project=project-id

gcloud compute ssl-certificates delete my-ssl-cert \ --region=us-central1 \ --project=project-id

July 26, 2020

AWS Rotate IAM Keys

Here’s a script that will rotate AWS IAM keys.

#!/bin/bash
# set files
user='johndoe'
newkey='/root/new-access-key.json'
oldkey='/root/old-access-key.json'
credentials='/root/.aws/credentials'
# get old credentials
aws iam list-access-keys --user-name $user > $oldkey
okey=$(jq .AccessKeyMetadata[0].AccessKeyId $oldkey | tr -d \")
# create new key
aws iam create-access-key --user-name $user > $newkey
# get new access keys and new secret
nkey=$(jq .AccessKey.AccessKeyId $newkey | tr -d \")
nsecret=$(jq .AccessKey.SecretAccessKey $newkey | tr -d \")
# backup old credentials
cp /root/.aws/credentials /root/.aws/credentials-backup
# store the new key
echo '[default]' > $credentials
echo 'aws_access_key_id = ' $nkey >> $credentials
echo 'aws_secret_access_key = '$nsecret >> $credentials
sleep 10
# delete old key
aws iam delete-access-key --user-name $user --access-key-id $okey
rm $newkey
rm $oldkey

#!/bin/bash # set files user='johndoe' newkey='/root/new-access-key.json' oldkey='/root/old-access-key.json' credentials='/root/.aws/credentials' # get old credentials aws iam list-access-keys --user-name $user > $oldkey okey=$(jq .AccessKeyMetadata[0].AccessKeyId $oldkey | tr -d \") # create new key aws iam create-access-key --user-name $user > $newkey # get new access keys and new secret nkey=$(jq .AccessKey.AccessKeyId $newkey | tr -d \") nsecret=$(jq .AccessKey.SecretAccessKey $newkey | tr -d \") # backup old credentials cp /root/.aws/credentials /root/.aws/credentials-backup # store the new key echo '[default]' > $credentials echo 'aws_access_key_id = ' $nkey >> $credentials echo 'aws_secret_access_key = '$nsecret >> $credentials sleep 10 # delete old key aws iam delete-access-key --user-name $user --access-key-id $okey rm $newkey rm $oldkey

The script performs the following:

  1. Retrieves the current key
  2. Creates a new key
  3. Backup the current credentials file
  4. Create a new credentials file
  5. Deletes the old key
  6. Deletes the temp files
  7. Done

December 20, 2019

AWS CLI IAM Keys

Here’s a few commands to create, delete and disable AWS user keys.

List user keys.

aws iam list-access-keys --user-name john.doe

aws iam list-access-keys --user-name john.doe

Create access key. Results are printed on screen in JSON format.

aws iam create-access-key --user-name john.doe

aws iam create-access-key --user-name john.doe

Disable a key. The real key id is obfuscated.

aws iam update-access-key \
--access-key-id ******************** \
--status Inactive \
--user-name john.doe

aws iam update-access-key \ --access-key-id ******************** \ --status Inactive \ --user-name john.doe

Delete a key. They real key id is obfuscated.

aws iam delete-access-key \
--access-key-id ******************** \
--user-name john.doe

aws iam delete-access-key \ --access-key-id ******************** \ --user-name john.doe

November 27, 2019

Set Immutable Attribute

If you don’t want a file edited or deleted, you can set the immutable attribute to ON. If activated, not even root or the owner of the file can delete it. Users with write access can still read it, but they obviously will not be able to modify it. To unset it, just use the -i option.

# Set immutable attribute
sudo chattr +i text.txt
 
# Unset immutable attribute
sudo chattr -i text.txt

# Set immutable attribute sudo chattr +i text.txt # Unset immutable attribute sudo chattr -i text.txt

  • 1
  • 2
  • 3
  • 4
  • Next Page »
  • Cloud
  • Linux
  • Git

Copyright © 2012–2021