Here’s how to get a list of certificates in AWS Certificate Manager.
aws acm list-certificates \ --profile default \ --region us-east-1 \ --output text \ --query 'CertificateSummaryList[*].{ARN:CertificateArn,Domain:DomainName}' |
list
AWS WAF IP Set
Here’s how to get the WAF rule.
aws waf-regional get-rule \
--rule-id xxxxxxxxxxxxxxxxxxxxxxxxxxx |
Here’s how to get the AWS WAF IP set.
aws waf-regional get-ip-set \ --ip-set-id xxxxxxxxxxxxxxxxxxx \ --region us-east-1 \ --profile your-profile |
Here’s how to get the latest token.
aws waf-regional get-change-token |
Result is similar to this.
{
"ChangeToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
} |
Create a JSON file called “change.json” to be used for updating the IP set. We will insert and delete an IP set.
[
{
"Action": "INSERT",
"IPSetDescriptor":
{
"Type": "IPV4",
"Value": "12.34.56.78/24"
}
},
{
"Action": "DELETE",
"IPSetDescriptor":
{
"Type": "IPV6",
"Value": "1111:0000:0000:0000:0000:0000:0000:0111/128"
}
}
] |
Finally, here’s how to update the IP set.
aws waf-regional update-ip-set \ --ip-set-id xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx \ --change-token xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx \ --region us-east-1 \ --profile default \ --updates file://change.json |
GCP Instances By Service Account
Here’s how to get a list of GCP instances using a specific service account.
gcloud compute instances list \ --filter="serviceAccounts.email=service-account@domain.com" \ --project project-id |
To display all instances and their service accounts in JSON format.
gcloud compute instances list \ --format="json(name,serviceAccounts[].email)" \ --project your-project-id |
Display in YAML which is also the Default.
gcloud compute instances list \ --format="default(name,serviceAccounts[].email)" \ --project your-project-id |
GCP Projects List
Here’s how to get a list of GCP projects.
gcloud projects list |
Result:
PROJECT_ID NAME PROJECT_NUMBER your-project-id-xxxx servers xxxxxxxxxxxx |
Use awk to display the project id only.
gcloud projects list | awk '{print $1}' |
Result
PROJECT ID your-project-id-xxxx |
IAM List Access Keys
Here’s how to list all the access keys in AWS via Python.
import logging import boto3 from botocore.exceptions import ClientError # set aws profile session = boto3.Session(profile_name="default") # get list of users iam = session.client('iam') users = iam.list_users() # display results print("{0:<20} {1:<25} {2:<15} {3:<10}".format('UserName', 'AccessKey', 'Status', 'CreateDate')) print("----------------------------------------------------------------------------------------") for a in users['Users']: user = a['UserName'] # get keys keys = iam.list_access_keys(UserName=user) for b in keys['AccessKeyMetadata']: username = b['UserName'] accesskeyid = b['AccessKeyId'] status = b['Status'] createdate = str(b['CreateDate']) print("{0:<20} {1:<25} {2:<15} {3:<10}".format(username, accesskeyid, status, createdate)) |
GCP Lists Disk Per Project
Here’s the Google Cloud Platform (GCP) GCloud command to list all disks in a specific project.
gcloud compute disks list --project yourprojectname |
AWS CLI List ACM Certificates
If you’ve imported or created a SSL certificate via AWS Certificate Manager, here’s the CLI to display a list of certificates.
aws acm list-certificates |
Once you have the arn, you can describe certificate. Get the arn from the output above.
aws acm describe-certificate --certificate-arn arn-xxxxxxxxxxxxxxxxxx |
Apps to Install on Linux Mint
I recently started using Linux Mint again. Although it contains many excellent apps, there are a few things that are missing. So, here’s a list of programs that I have installed ✅ or will be installing on Linux Mint in the near future.
- ✅ sublime text 3
- ✅ lastpass
- ✅ discord
- ✅ aws cli
- ✅ ffmpeg
- ✅ handbrake
- ✅ git
- ✅ vim
- ✅ emacs
- ✅ tor
- ✅ slack
- ✅ docker
- virtualbox