
Monday, July 24, 2023

S3 Bucket delete policy & Identify the Role ID of IAM Role

We always face the issue below.

While updating the bucket policy, we miss adding our Admin ID under resources and hence we lose permission to modify the bucket. Since the bucket name is unique, we can't create another bucket with the same name, and we can't access the objects in the bucket. Below is the command to delete the corrupted policy.

aws s3api delete-bucket-policy --bucket my-bucket

After this our bucket will be open to all and we can re-create the policy for the bucket.



To find the Role Name, please run the below command,

aws iam list-roles --query 'Roles[?RoleId==`AROA3ZBMXHWABAXXXXX`]'


To find the Role ID, please run the below command,

aws iam list-roles --query 'Roles[?RoleName==`XXXX-prod-abcd-portal-zdt`]'
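
A pre-flight check for the lockout described in this post, as an added example that is not part of the original post: before a policy is applied, it reports every Deny statement for all principals that covers s3:PutBucketPolicy or s3:DeleteBucketPolicy without exempting the admin role. It assumes the exemption is written as a StringNotLike condition on aws:userId using the Role ID returned by list-roles; the sample policy and the second role ID are constructed.

```python
import json
from fnmatch import fnmatchcase

# Actions the admin must keep in order to repair a bad policy (lower-cased for matching).
POLICY_ACTIONS = ("s3:putbucketpolicy", "s3:deletebucketpolicy")
ADMIN_ROLE_ID = "AROA3ZBMXHWABAXXXXX"   # masked Role ID from the list-roles lookup above

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_wildcard_principal(stmt):
    principal = stmt.get("Principal")
    return principal == "*" or (isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", [])))

def _userid_patterns(stmt):
    """Patterns under StringNotLike aws:userId, or None if that condition is absent."""
    for op, keys in stmt.get("Condition", {}).items():
        if op.lower() == "stringnotlike":
            for key, value in keys.items():
                if key.lower() == "aws:userid":
                    return _as_list(value)
    return None

def lockout_statements(policy_json, admin_role_id):
    """Return the Deny statements that would stop admin_role_id from editing the policy."""
    session = f"{admin_role_id}:preflight"  # aws:userId of a role session is ROLEID:session-name
    findings = []
    for i, stmt in enumerate(_as_list(json.loads(policy_json)["Statement"])):
        if stmt.get("Effect") != "Deny" or not _is_wildcard_principal(stmt):
            continue
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        if not any(fnmatchcase(t, a) for t in POLICY_ACTIONS for a in actions):
            continue
        patterns = _userid_patterns(stmt)
        if stmt.get("Condition") and patterns is None:
            continue  # e.g. aws:SecureTransport: depends on the request, not on who asks
        if not any(fnmatchcase(session, p) for p in patterns or []):
            findings.append(stmt.get("Sid", f"Statement[{i}]"))
    return findings

def sample_policy(exempt_ids):  # constructed policy for the my-bucket name used above
    return json.dumps({"Version": "2012-10-17", "Statement": [{
        "Sid": "DenyAllButListed", "Effect": "Deny", "Principal": "*", "Action": "s3:*",
        "Resource": ["arn:aws:s3:::my-bucket", "arn:aws:s3:::my-bucket/*"],
        "Condition": {"StringNotLike": {"aws:userId": [f"{r}:*" for r in exempt_ids]}}}]})

if __name__ == "__main__":
    print(lockout_statements(sample_policy(["AROAEXAMPLEAPPROLE00"]), ADMIN_ROLE_ID))
    print(lockout_statements(sample_policy(["AROAEXAMPLEAPPROLE00", ADMIN_ROLE_ID]), ADMIN_ROLE_ID))
```

An empty list means the admin role keeps the ability to change the policy; statements gated only on other condition keys are not evaluated.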



Thursday, July 13, 2023

CLI Command to Delete EBS Volumes in bulk

 To list the Volumes

root@ip-10-251-0-29:~# aws ec2 describe-volumes --filters Name=status,Values=available --query 'Volumes[*].[VolumeId,CreateTime]' --output text --region eu-west-1  | head -10 

        vol-024ada1919d95751f   2023-03-30T08:51:45.082000+00:00
        vol-0b78b5399102720e4   2023-03-30T09:02:03.993000+00:00
        vol-07ee418b2372a8580   2023-03-30T09:02:04.017000+00:00
        vol-0f2d1d8cb7b49236b   2023-03-30T09:02:03.945000+00:00
        vol-09dffaac9e5597062   2023-03-30T09:02:04.110000+00:00
        vol-06ececed4952011ba   2023-03-30T09:02:03.980000+00:00
        vol-0fb364aa16d431757   2023-05-24T07:19:23.422000+00:00
        vol-06051fd7ab09fc67d   2023-05-24T07:25:28.149000+00:00
        vol-035cda60dceaed3dd   2023-05-24T07:31:32.937000+00:00


To Delete oldest 100 volumes

root@ip-10-251-0-29:~# aws ec2 describe-volumes --filters Name=status,Values=available --query 'sort_by(Volumes, &CreateTime)[*].[VolumeId]' --output text --region eu-west-1 | head -100 | xargs -n 1 aws ec2 delete-volume --region eu-west-1 --volume-id


To Delete oldest 10 Volumes {ignoring the least one volume}

root@ip-10-251-0-29:~# aws ec2 describe-volumes --filters Name=status,Values=available --query 'sort_by(Volumes, &CreateTime)[*].[VolumeId]' --output text --region eu-west-1 | head -10 | tail -9 | xargs -n 1 aws ec2 delete-volume --region eu-west-1 --volume-id




Wednesday, July 12, 2023

Script to find the latest Branches on GIT Repository

For every release we create a release branch for every microservice. Sometimes we miss a few microservices and the deployment fails. Hence I created this script to find the latest release branch on each repository to ensure a smooth deployment.

1. We need to create a reference file with the Git remote URLs. We can copy the SSH clone URL from each repo to generate this file.

>> cat branch.txt

git@github.abc.com:DSC/a-frontend.git
git@github.abc.com:DSC/b-service.git
git@github.abc.com:DSC/c-portal.git
git@github.abc.com:DSC/d-service.git
git@github.abc.com:DSC/e-service.git
git@github.abc.com:DSC/f-service.git
git@github.abc.com:DSC/g-service.git
git@github.abc.com:DSC/h-service.git
git@github.abc.com:DSC/i-service.git
git@github.abc.com:DSC/j-service.git


2. We need to create the script,

>>vi find_branch.sh


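#!/bin/bash
# Script to pull the Git repositories and find the latest release branch

echo -e "       Summary    " > latest.txt
echo -e "-------------------" >> latest.txt

# branch.txt holds one remote URL per line
for i in $(cat branch.txt); do
   # Repository directory name, e.g. a-frontend for .../a-frontend.git
   j=$(echo "$i" | cut -d/ -f2 | cut -d. -f1)
   echo "###################################"
   echo "Sync the $j Git Repository"
   echo "###################################"
   # Uncomment for the first run, when the repositories are not cloned yet
   #git clone "$i" --recurse-submodules
   # Skip the repository if its directory is missing, so git never runs in the wrong place
   cd "$j" || continue
   git pull --recurse-submodules
   # Show the two most recently committed release branches
   git branch -r --sort=-committerdate | grep release | head -2
   # Record the newest release branch in the summary
   echo "$j = $(git branch -r --sort=-committerdate | grep release | head -1)" >> ../latest.txt
   cd ../
   echo -e "###################################\n\n"
done

cat latest.txt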


3. Execute the script,

>>./find_branch.sh


Monday, July 10, 2023

Delete Secret without waiting for 7 days

If we delete a secret from the AWS Console, then we have to wait at least 7 days to create one with the same name. Here is the command to delete the secret forcefully via the CLI:


aws secretsmanager delete-secret --secret-id /DOS/CICD/SERVICE --force-delete-without-recovery --region eu-west-1

{
    "ARN": "arn:aws:secretsmanager:eu-west-1:xxxx:secret:/DOS/CICD/SERVICE-0ApOvK",
    "Name": "/DOS/CICD/SERVICE",
    "DeletionDate": 1688618796.092
}

Then we can go ahead and delete the secret in AWS Console without waiting time.


Command to read the secret value using AWS CLI

/usr/local/bin/aws secretsmanager get-secret-value --secret-id "$(dirname /${AWS_SM_COMMON})/SERVICE"

Wednesday, July 5, 2023

AWS CLI SSM Delete with overwrite

Usually we cannot replace or edit the name of an SSM Parameter. So if you delete the parameter, then for the next 7 days we can't create a new parameter with the same name.

Solution:

    We need to delete the SSM Parameter with the help of the CLI, and then we can delete it in the console.


aws secretsmanager delete-secret --secret-id /DOS/CICD/SSMNAME --force-delete-without-recovery --region eu-west-1

{
    "ARN": "arn:aws:secretsmanager:eu-west-1:0000000000:secret:/DOS/CICD/SSMNAME-0ApOvK",
    "Name": "/DOS/CICD/SSMNAME",
    "DeletionDate": 1688618796.092
}

Then we can come back to the AWS Console and delete the parameter graphically, after which we are allowed to create a parameter with the same name immediately.


Useful Commands:

To describe / list the SSM Parameters for this AWS Account

    aws ssm describe-parameters --region=eu-west-1


To convert the SSM from string to Securestring

    aws ssm put-parameter --name /DOS/CICD/SSMNAME --value "NEW" --type "SecureString" --overwrite --region=eu-west-1

If the new value is short, we can pass it directly here. If it is huge or complicated, just pass NEW or some other short word; then we can go to the AWS Console and replace it with the proper value.


Tuesday, July 4, 2023

How to be UNAVAILABLE in Teams and Outlook during out of work hours

A nice video found on YouTube about how to set the status to Out of Office during off-hours with reference to our Outlook.


 

Grep options

To grep for two words in a file

            grep -E 'RoleName|RoleId' /tmp/roles.txt

            grep -e RoleName -e RoleId /tmp/roles.txt


To grep Before and after lines from a file

            grep -B1 -A1 RoleId /tmp/roles.txt


To find the IAM Roles in an AWS account

        aws iam list-roles > /tmp/roles.txt