Here’s how to delete a Linux user.
userdel username |
Delete user and the home directory.
userdel -f username |
GCP SSL Certificates
Here’s how to create a regional SSL Certificate.
gcloud compute ssl-certificates create my-ssl-cert \ --description "describe ssl certificate" \ --domains=domain1.com,domain2.com \ --certificate=cert.pem \ --private-key=private.key \ --region=us-central1 |
List the SSL certificates.
gcloud compute ssl-certificates list --project=project-id |
Describe the SSL certificate.
gcloud compute ssl-certificates describe my-ssl-cert \ --region=us-central1 \ --project=project-id |
Delete SSL certificate.
gcloud compute ssl-certificates delete my-ssl-cert \ --region=us-central1 \ --project=project-id |
AWS Rotate IAM Keys
Here’s a script that will rotate AWS IAM keys.
#!/bin/bash # set files user='johndoe' newkey='/root/new-access-key.json' oldkey='/root/old-access-key.json' credentials='/root/.aws/credentials' # get old credentials aws iam list-access-keys --user-name $user > $oldkey okey=$(jq .AccessKeyMetadata[0].AccessKeyId $oldkey | tr -d \") # create new key aws iam create-access-key --user-name $user > $newkey # get new access keys and new secret nkey=$(jq .AccessKey.AccessKeyId $newkey | tr -d \") nsecret=$(jq .AccessKey.SecretAccessKey $newkey | tr -d \") # backup old credentials cp /root/.aws/credentials /root/.aws/credentials-backup # store the new key echo '[default]' > $credentials echo 'aws_access_key_id = ' $nkey >> $credentials echo 'aws_secret_access_key = '$nsecret >> $credentials sleep 10 # delete old key aws iam delete-access-key --user-name $user --access-key-id $okey rm $newkey rm $oldkey |
The script performs the following:
- Retrieves the current key
- Creates a new key
- Backup the current credentials file
- Create a new credentials file
- Deletes the old key
- Deletes the temp files
- Done
AWS CLI IAM Keys
Here’s a few commands to create, delete and disable AWS user keys.
List user keys.
aws iam list-access-keys --user-name john.doe |
Create access key. Results are printed on screen in JSON format.
aws iam create-access-key --user-name john.doe |
Disable a key. The real key id is obfuscated.
aws iam update-access-key \ --access-key-id ******************** \ --status Inactive \ --user-name john.doe |
Delete a key. They real key id is obfuscated.
aws iam delete-access-key \ --access-key-id ******************** \ --user-name john.doe |
Set Immutable Attribute
If you don’t want a file edited or deleted, you can set the immutable attribute to ON. If activated, not even root or the owner of the file can delete it. Users with write access can still read it, but they obviously will not be able to modify it. To unset it, just use the -i option.
# Set immutable attribute sudo chattr +i text.txt # Unset immutable attribute sudo chattr -i text.txt |
- 1
- 2
- 3
- 4
- Next Page »