Find EC2 instances not reporting to SSM (Python)

- Reading time: 2 minutes

Find EC2 instances not reporting to SSM

# This script look for Instances not reporting/online in SSM

import boto3
import os

lambda_func_name = os.getenv("AWS_LAMBDA_FUNCTION_NAME", "")

if lambda_func_name == "":  # We are not running in AWS
    boto3.setup_default_session(profile_name='iconwater')

ec2 = boto3.resource('ec2')

instances_missing_in_ssm = []

def send_alert():
    alert_data = ""
    topic_arn = os.getenv("TopicARN", "")

    if topic_arn == "":
        print("send_alert: Missing topic ARN. Returning without sending alert.")
        return

    for m in instances_missing_in_ssm:
        alert_data  = alert_data + m +"\n\n"

    subject = os.getenv('CustomerID', '') + " - Missing Managed (SSM) Instances"
    message = "The following instances are offline or not reporting to SSM: \n\n" + alert_data

    print("send_alert: *** Sending alert ***")
    print("send_alert: Message: {0}".format(message))

    client = boto3.client('sns')
    response = client.publish(TargetArn=topic_arn,
                              Message=message,
                              Subject=subject)

def check_instance_ssm_status(instance_id):

    #print ("Checking {}".format(instance_id))

    client_ssm = boto3.client('ssm', region_name='ap-southeast-2')
    # Check running or stopped instances
    response = client_ssm.describe_instance_information(
        InstanceInformationFilterList=[
            {
                'key': 'InstanceIds',
                'valueSet': [
                    instance_id,
                ]
            },
        ]
    )

    #print (response)

    for r in response['InstanceInformationList']:
        #print(r)
        return r['PingStatus']

def find_instances_not_with_ssm():
    result_str = ""

    client_ec2 = boto3.client('ec2', region_name='ap-southeast-2')
    # Check running or stopped instances
    response = client_ec2.describe_instances(
        Filters=[
            {
                'Name': 'instance-state-name',
                'Values': ['running', 'stopped']
            }
        ])
    # Iterate over instance(s)
    for r in response['Reservations']:
        for inst in r['Instances']:
            inst_id = inst['InstanceId']
            tags = inst['Tags']
            # Check the Name tag
            for tag in tags:
                if 'Name' in tag['Key']:
                    ins_name = (tag['Value'])
                    break
                else:
                    ins_name = "{No-Name}"

            inst_id = inst['InstanceId']
            ssm_status = check_instance_ssm_status(inst_id)

            if ssm_status != 'Online':
                instances_missing_in_ssm.append(inst_id)

            #s = "{} ({})".format(ins_name, inst['InstanceId'])

    return len(instances_missing_in_ssm)

def lambda_handler(event, context):

    ret = find_instances_not_with_ssm()

    if (ret > 0):
        send_alert()

    return 0

if __name__ == "__main__":
    lambda_handler(0, 0)

One line Chrome installer in Windows

- Reading time: ~1 minute

It is often said that Internet Explorer is the best browser to Download Chrome :) Well you cna use Powershell as well:

$LocalTempDir = $env:TEMP; $ChromeInstaller = "ChromeInstaller.exe"; (new-object    System.Net.WebClient).DownloadFile('http://dl.google.com/chrome/install/375.126/chrome_installer.exe', "$LocalTempDir\$ChromeInstaller"); & "$LocalTempDir\$ChromeInstaller" /silent /install; $Process2Monitor =  "ChromeInstaller"; Do { $ProcessesFound = Get-Process | ?{$Process2Monitor -contains $_.Name} | Select-Object -ExpandProperty Name; If ($ProcessesFound) { "Still running: $($ProcessesFound -join ', ')" | Write-Host; Start-Sleep -Seconds 2 } else { rm "$LocalTempDir\$ChromeInstaller" -ErrorAction SilentlyContinue -Verbose } } Until (!$ProcessesFound)

Get all updates installed on a Windows system

- Reading time: ~1 minute

Windows patching is so much more complicated than Linux (yum install -y :)

Here is a script to list all applied patches on a Windows ssystem:

$Session = New-Object -ComObject "Microsoft.Update.Session"
$Searcher = $Session.CreateUpdateSearcher()
$FormatEnumerationLimit=-1
$historyCount = $Searcher.GetTotalHistoryCount()

$Searcher.QueryHistory(0, $historyCount) | Select-Object Title, Description, Date, @{name="Operation"; expression={switch($_.operation)
{

        1 {"Installation"}; 2 {"Uninstallation"}; 3 {"Other"}

}}} -ExpandProperty Title > C:/Temp/ListOfWindowsUpdates.txt

My GIT Cheatsheet

- Reading time: 5 minutes

Setup
$ git config --global user.email "shariqmus@gmail.com"
$ git config --global user.name "Shariq Mustaquim"
$ git config --list (To Check)

Using Commits
$ git clone https://shariq_mustaquim@bitbucket.org/vrrlmop/aws_infrastructure.git
local_folder_name
$ cd local_folder_name
$ touch abc.txt
$ nano abc.txt
[..Type Something..]
$ git status
$ git add <filename>
$ git rm --chached <filename>
$ git commit -m "First commit"

Pushing a commit
$ git remote (to check)
$ git branch (to check)
$ git diff --stat origin/master
$ git diff --stat <remote-name>/<branch/name>
$ git push origin master (put to server repo)
$ git pull origin master (get from server repo)

Merge/Conflicts
You will get error on push
Do a pull
Resolve merge
Push again

Branching/Merging

$ git branch <branch_name>
$ git checkout -b <branch_name> <- One Command
$ git branch <- my local branches
$ git branch -r (remote)
$ git checkout master <- switch branch
> To merge, checkout target branch
then 'git merge <dev_branch>
$ git branch -d <branch_name> (delete branch)
$ git push origin master <- push to server

New Project
git config --global user.email "shariqmus@<email_provider>.com"
git config --global user.name "Shariq Mustaquim"
git config --list (To Check)
cd c:/code/git
mkdir firstprj
cd firstprj
git init
git add README.md
vim index.html [...Add something in the file...]
git add .
git commit -m "first commit"
git remote add origin https://github.com/shariqmus/firstprj.git
git push -u origin master

Create a develop branch
git branch (to check)
git branch develop (to create branch)
git checkout develop (to checkout and switch to branch)
vim index.html [...Add new code...]
git add .
git commit -m "new updates" .
git push -u origin develop

Create a new repository on the command line
echo "# firstprj" >> README.md
git init
git add README.md
git commit -m "first commit"
git remote add origin https://github.com/shariqmus/firstprj.git
git push -u origin master

Push an existing repository from the command line
git remote add origin https://github.com/shariqmus/firstprj.git
git push -u origin master

Import code from another repository
You can initialize this repository with code from a Subversion, Mercurial, or TFS project.

To Discard your local changes and continue
$ git fetch --all
$ git reset --hard origin/master
$ git pul

Add user to sudoers (RHEL)

- Reading time: ~1 minute 
$ sudo su

# adduser iwadmin

# passwd <password>

# usermod -aG wheel iwadmin

# vi /etc/sudoers

[...add this line after root line:...]

iwadmin    ALL=(ALL)       ALL

Reboot an AWS EC2 Instance (Python)

- Reading time: ~1 minute 
from __future__ import print_function
import sys
import boto3
from botocore.exceptions import ClientError

boto3.setup_default_session(profile_name='default')

instance_id = 'i-094cf9bbbea2bdfbd' #sys.argv[2]
#action = sys.argv[1].upper()

ec2 = boto3.client('ec2')

# Do a dryrun first to verify permissions
try:
    ec2.start_instances(InstanceIds=[instance_id], DryRun=True)
except ClientError as e:
    if 'DryRunOperation' not in str(e):
        raise

# Dry run succeeded, run start_instances without dryrun
try:
    response = ec2.start_instances(InstanceIds=[instance_id], DryRun=False)
    print(response)
except ClientError as e:
    print(e)