In order to allow read access from the S3 Bucket for all members included in the organization, the following policy must be applied to the S3 Bucket: Where "stackset-lambdas" is the S3 Bucket name and "o-xxxxxxxxxx" is your Organization ID.
This Python script gets a list of all regions, finds EC2 instances, RDS instances and ASG in them, and if there is no "prevent_stop" tag equal to "true" on the resource, then it stops this resource, and in the case of ASG it scaledown it to 0. main.py: List of required permissions to run …
Continue reading "Lambda – For stopping EC2 instances, RDS instances and ASG downscale in all regions"
This Python script creates events in PagerDuty using APIv2. The following script was taken as a basis. First you need to create a "Routing Key", aka "Integration Key", not to be confused with "API Access Key", which can be used for any API calls, we only need a key from a specific service. Go to …
Continue reading "PagerDuty – Python script for creating events"
AWS Transfer supports 3 protocols: SFTP, FTP, and FTPS. And only SFTP can have a public endpoint, FTP/FTPS can only be run inside a VPC. Also for login/password authorization, you must use a custom provider, you can find more information about this here. Goal: Create an AWS Transfer server for the FTP protocol, the service …
Continue reading "AWS Transfer – Public FTP"
To remove all unused images, you can use the following command:
When creating an RDS by specifying an incorrect value for the "ParameterGroupFamily" parameter, a similar error may occur: Error creating DB Parameter Group: InvalidParameterValue: ParameterGroupFamily default.mariadb10.2 is not a valid parameter group family To see a list of all possible values for the "ParameterGroupFamily" parameter, you can use the following command:
By default, Docker Compose does not set any size limits for logs. For example, let’s set the limit to 10 MB and the maximum number of files for rotation – 10.
For quick testing of Nginx regular expressions, you can use a ready-made docker image. To do this, you need to clone the NGINX-Demos repository: Follow to the "nginx-regex-tester" directory: And launch the container using "docker-compose": And open the next page: http://localhost/regextester.php
At the time of writing, EKS Fargate does not support a driver log for recording to CloudWatch. The only option is to use Sidecar Let’s create a ConfigMap, in which we indicate the name of the EKS cluster, region and namespace: Next, let’s create a service account and a ConfigMap with a configuration file …
Continue reading "AWS – EKS Fargate – Fluentd CloudWatch"
Goal: There are 2 namespaces, they are "kube-system" and "default". It is necessary to run a cron task in the "kube-system" namespace, which will clear the executed jobs and pods in the "default" space. To do this, create a service account in the "kube-system" namespace, a role with the necessary rights in the …
Continue reading "Kubernetes – One role for multiple namespaces"