How to use Chef to add Proxy server configuration on a Windows Host:

How to use Chef to add Proxy server configuration on a Windows Host?

Following is a Chef recipe:

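# Writes the per-user "Internet Settings" proxy values for the Windows host.
#
# ProxyServer and ProxyOverride hold text, so they are written as :string
# values; the original declared them as :dword, which cannot hold a URL or
# the '<local>' bypass token. The flag values are given as integers, the
# form the :dword type expects.
#
# NOTE(review): HKEY_CURRENT_USER is the hive of whichever account runs
# chef-client. If the client runs as a service account, interactive users
# will presumably not see this proxy -- confirm the target hive.
registry_key 'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings' do
  values [
    { :name => 'MigrateProxy',  :type => :dword,  :data => 1 },
    { :name => 'ProxyEnable',   :type => :dword,  :data => 1 },
    { :name => 'ProxyHttp1.1',  :type => :dword,  :data => 0 },
    { :name => 'ProxyServer',   :type => :string, :data => 'http://proxy.mgt.example.au:3128' },
    { :name => 'ProxyOverride', :type => :string, :data => '<local>' }
  ]
  action :create
end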

Version a CloudFormation template

Any suggestions for versioning a CloudFormation template? I suggest using the Description field:

{
  "AWSTemplateFormatVersion" : "2010-09-09",
  "Description" : "4.5.180 - General Platform Resources",
  "Metadata" : {
  },
  "Parameters" : {
    "PlatformParameter" : {
        "Type" : "String",
        "Description" : "Platform Environment"
    },
    "VPCId" : {
      "Type" : "String",
      "Description" : "Select Platform to Deploy to."
    },
    "DBDataTierA" : {
      "Type" : "String",
      "Description" : "AZ A - Web Tier"
    },
    "DBDataTierB" : {
      "Type" : "String",
      "Description" : "AZ B - Web Tier"
    }
  },

Stop/Start RDS Instance

RDS managed instances are one of the top expenses in AWS.

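The following Python script stops and starts RDS instances on a schedule. Give each instance a "StartUp" and/or "Shutdown" tag whose value is a space-separated list of seven hours, one per weekday starting with Monday; the script compares that hour with the current hour at UTC+10. Instances tagged Environment "PROD" are skipped. You can run it from a Lambda handler.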

from __future__ import print_function
import boto3
from datetime import datetime, timedelta

# Deployment settings. Both are empty placeholders that must be filled in.
# prof_name is only referenced by the commented-out session setup below.
# acc_number is concatenated into the RDS ARN that lambda_handler passes to
# list_tags_for_resource, so an empty value produces an ARN without an account id.
prof_name = ""   # Profile Name Identifier
acc_number = "" # AWS Account Number

# Uncomment to run with a named local profile instead of the default credentials.
#boto3.setup_default_session(profile_name=prof_name)

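def rds_start(list_instances):
    """Start every RDS instance named in *list_instances*.

    Each entry is a string of the form "<db-instance-id>,<environment>", as
    built by lambda_handler. An entry without a comma is treated as an id
    with an empty environment instead of raising IndexError.

    A failure to start one instance is printed and the loop carries on, so a
    single rejected call no longer aborts the rest of the batch (or the
    rds_stop call that follows in lambda_handler).
    """
    if not list_instances:
        return

    # One client for the whole batch instead of one per instance.
    rds = boto3.client('rds')

    for instance in list_instances:
        db_instance_id, _, environment = instance.partition(",")
        print ("{0} (UTC): Starting Instance '{1}' from Environment '{2}'".format(datetime.utcnow(), db_instance_id, environment))
        try:
            rds.start_db_instance(DBInstanceIdentifier=db_instance_id)
        except Exception as error:
            # Keep going: the remaining instances are independent of this one.
            print("{0} (UTC): Failed to start Instance '{1}': {2}".format(datetime.utcnow(), db_instance_id, error))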

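def rds_stop(list_instances):
    """Stop every RDS instance named in *list_instances*.

    Each entry is a string of the form "<db-instance-id>,<environment>", as
    built by lambda_handler. An entry without a comma is treated as an id
    with an empty environment instead of raising IndexError.

    A failure to stop one instance is printed and the loop carries on, so a
    single rejected call no longer aborts the rest of the batch.
    """
    if not list_instances:
        return

    # One client for the whole batch instead of one per instance.
    rds = boto3.client('rds')

    for instance in list_instances:
        db_instance_id, _, environment = instance.partition(",")
        print("{0} (UTC): Stopping Instance '{1}' from Environment '{2}'".format(datetime.utcnow(), db_instance_id, environment))
        try:
            rds.stop_db_instance(DBInstanceIdentifier=db_instance_id)
        except Exception as error:
            # Keep going: the remaining instances are independent of this one.
            print("{0} (UTC): Failed to stop Instance '{1}': {2}".format(datetime.utcnow(), db_instance_id, error))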

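def _scheduled_hour(schedule, day):
    """Return the hour listed for weekday *day* in a split schedule, or None if unusable."""
    try:
        return int(schedule[day])
    except (IndexError, ValueError):
        return None


def lambda_handler(event, context):
    """Start or stop tagged RDS instances according to their schedule tags.

    For every DB instance the handler reads the tags 'Environment',
    'StartUp' and 'Shutdown'. A schedule tag is a space-separated list of
    hours indexed by weekday (datetime.weekday(), so Monday is 0). When the
    hour for today equals the current hour, a 'stopped' instance is queued
    for start and an 'available' instance is queued for stop.

    Args:
        event: Lambda event payload; not read.
        context: Lambda context object; not read.

    Any exception raised while listing instances or tags is printed and
    swallowed, so the invocation itself does not fail.

    NOTE(review): the schedule is driven entirely by tag values, so any
    principal allowed to tag RDS resources can trigger a stop or start.
    Restrict tagging permissions on these keys accordingly.
    """
    rds = boto3.client('rds')

    instances_to_start = []
    instances_to_stop = []

    # Schedules are evaluated at a fixed UTC+10 offset; daylight saving is not applied.
    date = datetime.utcnow() + timedelta(hours=10)

    current_hour = date.hour
    current_day = date.weekday()

    print("Running State Change Script for hour {0} on day {1}".format(current_hour, current_day))

    try:
        # Paginate: a single describe_db_instances call returns only the first page.
        paginator = rds.get_paginator('describe_db_instances')

        for page in paginator.paginate():
            for db in page['DBInstances']:
                instance_id = db['DBInstanceIdentifier']
                current_status = db['DBInstanceStatus']

                # Instances that are still being created have no Endpoint yet.
                endpoint = db.get('Endpoint') or {}

                # NOTE(review): this writes the master username and endpoint to the
                # function's log output; drop them if the log audience is wider than
                # the database administrators.
                print("Checking RDS Instance: {0} {1} {2} {3} {4}".format(instance_id, db.get('MasterUsername'), endpoint.get('Address'), endpoint.get('Port'), current_status) )

                # Prefer the ARN reported by the API; the hand-built form only works
                # for ap-southeast-2 and needs acc_number to be filled in.
                arn = db.get('DBInstanceArn') or ("arn:aws:rds:ap-southeast-2:" + acc_number + ":db:" + instance_id)

                tags = rds.list_tags_for_resource(ResourceName=arn)

                environment = ""
                startup = ""
                shutdown = ""

                for tg in tags['TagList']:
                    if tg['Key'] == 'Environment':
                        environment = tg['Value']
                    elif tg['Key'] == 'StartUp':
                        startup = tg['Value']
                    elif tg['Key'] == 'Shutdown':
                        shutdown = tg['Value']

                # Fail safe: match PROD regardless of case or stray whitespace so a
                # differently-cased tag value is not scheduled by accident.
                if environment.strip().upper() == "PROD": # Skip prod
                    if startup != "" or shutdown != "":
                        print("Skipping Production RDS Instance. Do not assign StartUp/Shutdown Tags to PROD instances.")
                    continue

                if startup != "":
                    startup_schedule = startup.split(" ")
                    print("StartUp:  {0}".format(startup_schedule))
                    startup_hour = _scheduled_hour(startup_schedule, current_day)
                    if startup_hour is None:
                        # A malformed tag must not abort the run for every other instance.
                        print("Ignoring malformed StartUp tag on instance {0}".format(instance_id))
                    elif startup_hour == current_hour and current_status == "stopped":
                        instances_to_start.append(instance_id + "," + environment)

                if shutdown != "":
                    shutdown_schedule = shutdown.split(" ")
                    print("Shutdown: {0}".format(shutdown_schedule))
                    shutdown_hour = _scheduled_hour(shutdown_schedule, current_day)
                    if shutdown_hour is None:
                        print("Ignoring malformed Shutdown tag on instance {0}".format(instance_id))
                    elif shutdown_hour == current_hour and current_status == "available":
                        instances_to_stop.append(instance_id + "," + environment)

        if not instances_to_start:
            print ("{0} (UTC): No instances to start at this time.".format(datetime.utcnow()))
        if not instances_to_stop:
            print ("{0} (UTC): No instances to stop at this time.".format(datetime.utcnow()))

        rds_start(instances_to_start)
        rds_stop(instances_to_stop)

    except Exception as error:
        # Best effort: report the failure in the log and let the invocation end normally.
        print(error)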

# Runs the handler once, with dummy event/context values, every time this
# module is executed or imported.
# NOTE(review): if the file is deployed as a Lambda function this call would
# presumably also run at module load, in addition to the real invocation --
# consider guarding it with `if __name__ == "__main__":`.
lambda_handler(0, 0)

Chef recipe to Download and Install a Windows Certificate

Chef recipe to Download and Install a Windows Certificate (pfx format) to a Windows host:

# Downloads the site's PFX bundle from S3 to C:/source using Read-S3Object.
#
# The `creates` guard skips the download whenever the target file already
# exists, so a certificate replaced in the bucket is not fetched again until
# the local copy is removed.
#
# NOTE(review): a PFX normally carries the private key, and nothing here
# removes the file or tightens its ACL after the import -- confirm who can
# read C:/source, and consider deleting the file once it is installed.
# NOTE(review): the bucket key names "www.examplesite.gov.au.pfx" while the
# local path uses "www.examplesite.au.pfx" -- confirm the difference is intended.
powershell_script 'download_www_prod' do
  code <<-EOH
    $S3BucketName="infrastructurebkt"
    $Key="certificates/Prod/www.examplesite.gov.au.pfx"
    $targetPath="C:/source/www.examplesite.au.pfx"
    Read-S3Object -BucketName $S3BucketName -Key $Key -file $targetPath
  EOH
  creates 'C:/source/www.examplesite.au.pfx'
end

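# Imports the PFX at C:/source into the Windows certificate store.
#
# NOTE(review): the PFX password is a literal in the recipe, so it ends up in
# version control and on every node that receives the cookbook. Load it from
# an encrypted data bag or Chef Vault item instead of hard-coding it.
windows_certificate "C:/source/www.examplesite.au.pfx" do
    pfx_password    "SUPERSECRETPWD"
    # Keep the resource's property values (including the password) out of
    # chef-client log and report output.
    sensitive       true
end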

README Template

What should a good README hold?

My suggestions:

# README #

This README would normally document whatever steps are necessary to get your application up and running.

### What is this repository for? ###

* Quick summary
* Version
* [Learn Markdown](https://bitbucket.org/tutorials/markdowndemo)

### How do I get set up? ###

* Summary of set up
* Configuration
* Dependencies
* Database configuration
* How to run tests
* Deployment instructions

### Contribution guidelines ###

* Writing tests
* Code review
* Other guidelines

### Who do I talk to? ###

* Repo owner or admin
* Other community or team contact

Create S3 temporary expiring URL

Create S3 temporary expiring URL:

import boto3
# Build a time-limited download link for one object.
# The URL is a bearer credential: anyone who obtains it can fetch the object
# until it expires, with the permissions of the identity that signed it.
# Keep ExpiresIn (seconds) as short as the use case allows and avoid writing
# the URL to shared logs.
s3Client = boto3.client('s3')
object_params = {
    'Bucket': 'myinstallfiles',
    'Key': 'folder/file.xml',
}
url = s3Client.generate_presigned_url(
    'get_object',
    Params=object_params,
    ExpiresIn=100,
)
print(url)

Find Unused and/or Rarely Used Amazon Workspaces

We all know about the famous 3C - Cloud Cost Creep: how cloud costs can get out of control, and the shock you get when you receive the love letter at the end of the month - aka the "Monthly bill" :)

One major area of leakage is compute that is left running, and Amazon Workspaces are no different in that respect. The following Python script finds unused Workspaces so you can clean them up.

import boto3
from datetime import datetime, timedelta

# Use the named local credentials profile for every client created below.
# NOTE(review): the profile name is hard-coded; change it to the profile that
# holds read access to the WorkSpaces account you want to audit.
boto3.setup_default_session(profile_name='vicroads')

# Shared WorkSpaces client used by user_name() and the report loop.
ws = boto3.client('workspaces')

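### calculate time difference
def calculate_age(date):
    """Return the number of whole calendar days between *date* and today (UTC).

    Args:
        date: a datetime. A timezone-aware value is converted to UTC before
            its calendar date is taken; a naive value is assumed to already
            be in UTC.

    The original compared the UTC date of "now" with the date of *date* in
    whatever zone it carried, which can be off by one day for aware
    timestamps expressed in a non-UTC zone.
    """
    from datetime import timezone

    if date.tzinfo is not None:
        date = date.astimezone(timezone.utc)

    today = datetime.now(timezone.utc).date()
    return (today - date.date()).days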

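### return Workspace UserName
def user_name(wsid):
    """Return the UserName of the WorkSpace with id *wsid*, or None if not found.

    The lookup asks the API for this one WorkSpace by id. The original listed
    WorkSpaces without a filter and searched only the first page of results,
    so a WorkSpace on a later page came back as None.
    """
    items = ws.describe_workspaces(WorkspaceIds=[wsid])
    for item in items['Workspaces']:
        if item['WorkspaceId'] == wsid:
            return item['UserName']
    return None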

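# Body
# Report WorkSpaces that are DISCONNECTED and either have not had a user
# connection for more than `days` days or have never had one recorded.
days = 50
dis_num = 0
List_Idle = []
never_num = 0
List_Never = []

# Follow NextToken so WorkSpaces beyond the first page of results are checked too.
request = {}
while True:
    items = ws.describe_workspaces_connection_status(**request)

    for item in items['WorkspacesConnectionStatus']:
        if item['ConnectionState'] != "DISCONNECTED":
            continue

        workspace_id = item['WorkspaceId']
        lastknown = item.get('LastKnownUserConnectionTimestamp')
        # user_name() returns None when the lookup finds nothing; substitute a
        # marker so building the report line cannot raise TypeError.
        owner = user_name(workspace_id) or "<unknown>"

        if lastknown is None:
            never_num += 1
            List_Never.append("User name: "+owner+" with workspace id ("+workspace_id+") has not been used yet.")
            continue

        idle_days = calculate_age(lastknown)
        if idle_days > days:
            dis_num += 1
            List_Idle.append("User name: "+owner+" with workspace id ("+workspace_id+") has been idle for "+str(idle_days)+".")

    next_token = items.get('NextToken')
    if not next_token:
        break
    request = {'NextToken': next_token}

if dis_num > 0:
    print ("==========================================================")
    print (dis_num," workspaces has been disconnected for more than ", days,":")
    print ("==========================================================")
    for i in List_Idle:
        print (i,"\n")

if never_num > 0:
    print ("==========================================================")
    print (never_num," workspaces has never been used:")
    print ("==========================================================")
    for j in List_Never:
        print (j,"\n")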