Friday, 27 July 2018

Example How to work with User and Instance profile in AWS IAM using CLI

How to create an IAM user and attach the user policy and group: 
aws iam --create-user --user-name james 
attach the user policy-AdministratorAccess: 
aws iam attach-user-policy --policy-arn arn:aws:iam::aws:policy/AdministratorAccess --user-name james
Add user to group: aws iam add-user-to-group --group-name admin --user-name james

How to Delete user and its policy :
aws iam detach-user-policy --user-name james --policy-arn arn:aws:iam::aws:policy/AdministratorAccess
Note: Before you delete the user, you should remove the user from the group if the user is added into the group 

  • Remove user from the group: aws iam remove-user-from-group --group-name admin --user-name james
  • Delete the user: aws iam delete-user --user-name james 

Create and Delete an instance profile Example: 
aws iam create-instance-profile --instance-profile-name WebserverProfile
aws iam add-role-to-instance-profile --instance-profile-name WebserverProfile --role-name role_ec2S3Fullaccess
Note: Before you delete the instance profile you need to detach the role from the instance profile 

  • aws iam remove-role-from-instance-profile --instance-profile-name WebserverProfile --role-name role_ec2S3Fullaccess 
  • aws iam delete-instance-profile --instance-profile-name WebserverProfile

Monday, 2 July 2018

How to Validate the AWS CloudFormation Template and execute the Dry-Run

Commands for validate the Cloudformation file and Run the CloudFormation template as a Dry-Run. The file can be in a json or yaml format To Run the below AWS commands on your terminal you should first install awscli and configure the user credentials and also a cloudformation template running in your region to which we are going to change some resources in the template and update the cfn template and run as dry-run and check the changes are valid or not and then execute the changes.

$ aws cloudformation validate-template --template-body file:///home/local/test/example.json

Working with ChangeSet:


create a changeset: aws cloudformation create-change-set --stack-name stackID|stackName --change-set-name changesetname --use-previous-template --parameters ParameterKey="InstanceType",UsePreviousValue=true ParameterKey="KeyPairName",UsePreviousValue=true ParameterKey="Purpose",ParameterValue="production"
View the changeset:
To get the ID of the change set, run the aws cloudformation list-change-sets command: aws cloudformation list-change-sets --stack-name stackID|stackName
Run the aws cloudformation describe-change-set command specifying the ID of the change set that you want to view: aws cloudformation describe-change-set --change-set-name changesetID
Execute the changeset: aws cloudformation execute-change-set --change-set-name changesetID
Delete the changeset: aws cloudformation delete-change-set --change-set-name changesetID

Friday, 7 July 2017

How can I shut down or reboot Ubuntu using terminal commands?

For Shutdown:
$sudo poweroff
(or)
$sudo shutdown -h now
(or)
$sudo halt
(or)
$sudo init 0
For Restart:
$sudo reboot
(or)
$sudo shutdown -r now
(or)
$sudo init 6

For Ubuntu 15.04 and later:
systemctl poweroff
systemctl reboot
systemctl suspend
systemctl hibernate
systemctl hybrid-sleep

Ubuntu 16.04 no need of say sudo also
To shutdown :
poweroff
To Reboot :
reboot

Install docker on Ubuntu 16.04 using command line interface (CLI)

Prerequisites
  • 64-bit Ubuntu 16.04 server
  • Ubuntu 16.04 Operating System
  • Step1 Installing Docker First, add the GPG key for the official Docker repository to the system: $curl -fsSL https://download.docker.com/linux/ubuntu/gpg |sudo apt-key add - Add the Docker repository to APT sources: $sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" update the package database with the Docker packages from the newly added repo: $sudo apt-get update Make sure you are about to install from the Docker repo instead of the default Ubuntu 16.04 repo: $apt-cache policy docker-ce Check that its Running: $sudo systemctl status docker Step2 Executing the Docker Command Without Sudo $sudo usermod -aG docker ${USER} $sudo usermod -aG docker username restart the machine $sudo shutdown -r now verify the docker commands are running without sudo: $docker info step3 Working with Docker Images $docker search ubuntu $docker pull ubuntu $docker run ubuntu $docker images step4 Running a Docker Container $docker run -it ubuntu root@d9b100f2f636:/# step5 Pushing Docker Images to a Docker Repository $docker login -u docker-registry-username $docker push docker-registry-username/docker-image-name

    Wednesday, 14 June 2017

    Write a bash script which remove all the ECS-Task Definition except the latest one

    !/bin/bash rev_arry=$(aws ecs list-task-definitions --family-prefix <taskdef_name> --query taskDefinitionArns[]|cut -f7 -d :| cut -c1-2) maxrev_num=($rev_arry) arrlen=$((${#maxrev_num[@]}-2)) latest_revision=$(aws ecs list-task-definitions --family <taskdef_name> --sort desc --max-items 1 --query taskDefinitionArns|cut -c64-65) n="1" while [ $n -lt $arrlen ] do if [ ${maxrev_num[n]} -eq $latest_revision ]; then n=$[$n+1] fi delrevision=${maxrev_num[n]} aws ecs deregister-task-definition --task-definition <taskdef_name>:$delrevision echo "ecr taskdefiniton:$delrevision is deleted" n=$[$n+1] done

    How do we install the PhpMyAdmin on ec2 instance and dockerize the phpmyadmin

    phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the Web Prechecklist: Install php yum -y install php make sure we have all these packages: rpm -qa | grep php php-common-5.4.16-42.el7.x86_64 php-fedora-autoloader-1.0.0-1.el7.noarch php-mysql-5.4.16-42.el7.x86_64 php-5.4.16-42.el7.x86_64 php-mbstring-5.4.16-42.el7.x86_64 php-php-gettext-1.0.12-1.el7.noarch php-bcmath-5.4.16-42.el7.x86_64 php-pdo-5.4.16-42.el7.x86_64 php-cli-5.4.16-42.el7.x86_64 php-tidy-5.4.16-7.el7.x86_64 php-gd-5.4.16-42.el7.x86_64 php-tcpdf-dejavu-sans-fonts-6.2.13-1.el7.noarch phpMyAdmin-4.4.15.10-1.el7.noarch php-xml-5.4.16-42.el7.x86_64 php-process-5.4.16-42.el7.x86_64 php-tcpdf-6.2.13-1.el7.noarch yum install php-mysqlnd . (A module for PHP applications that use MySQL databases) Install apache webserver on centos yum -y install httpd systemctl start httpd systemctl enable httpd systemctl status httpd Installation steps for phpMyAdmin: Add the EPEL Repository: CentOS and Red Hat Enterprise Linux 6.x wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm sudo rpm -Uvh epel-release-6*.rpm CentOS and Red Hat Enterprise Linux 7.x wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm sudo rpm -Uvh epel-release-latest-7*.rpm Install phpMyAdmin yum -y update yum -y install phpmyadmin Basic configuration for phpMyAdmin vi /etc/httpd/conf.d/phpMyAdmin.conf By default, the configuration for phpMyAdmin only allows access from the server on which it is installed. Find the following sections and change each IP address to the one you found in Step 3, or another IP address that will be connecting to phpMyAdmin remotely: <Directory /usr/share/phpMyAdmin/> AddDefaultCharset UTF-8 <IfModule mod_authz_core.c> # Apache 2.4 <RequireAny> Require ip 127.0.0.1 Require ip ::1 Replace the above block ,with the below mentioned code <Directory /usr/share/phpMyAdmin/> AddDefaultCharset UTF-8 <IfModule mod_authz_core.c> # Apache 2.4 <RequireAny> # Require ip 127.0.0.1 # Require ip ::1 Require all granted Database configuration file vi /etc/phpMyadmin/config.inc.php changes: $cfg['Servers'][$i]['host'] : Mention the endpoint of database $cfg['Servers'][$i][&#8216;port&#8217;] : Mention the port number $cfg['Servers'][$i]['extension'] : &#8216;mysqli &#8216;;// The php MYSQL extension to use Restart apache: systemctl restart httpd Dockerizing the phpmyadmin using the Dockerfile: FROM centos #FROM httpd:latest #RUN yum install -y update RUN yum install -y httpd #RUN systemctl start httpd #RUN systemctl enable httpd RUN yum install -y php RUN yum install -y php-mysqlnd php-fpm php-dba RUN yum install -y epel-release Run yum install -y phpmyadmin RUN mkdir -p /etc/phpMyAdmin COPY ./config.inc.php /etc/phpMyAdmin/config.inc.php COPY ./phpMyAdmin.conf /etc/httpd/conf.d/phpMyAdmin.conf EXPOSE 80 ADD run-httpd.sh /run-httpd.sh RUN chmod -v +x /run-httpd.sh CMD ["/run-httpd.sh"] #RUN service httpd start #CMD ["systemctl", "start", "httpd"] #CMD [ "httpd" , "start" ] #CMD [ "httpd" , "enable" ] References: ------------ https://www.liquidweb.com/kb/how-to-install-and-configure-phpmyadmin-on-centos-7/ https://www.digitalocean.com/community/tutorials /how-to-install-and-secure-phpmyadmin-with-apache-on-a-centos-7-server

    write a bash script which remove all the images from the ECR except the latest image

    !/bin/bash $myecs_securitytoken=$(aws ecr get-authorization-token --region <region_name> --output text --query authorizationData[].authorizationToken) $myecs_securitytoken tag=$(aws ecr list-images --repository-name <repository_name> --output text --query imageIds[].imageTag) imgflag=($tag) buildnum=$(curl --user <user_name>:uservalue$ http://<IP_address>: <port_no>/rest/api/latest/result/<BambooPlan_name>.json |sed 's/"buildNumber":/&\n/;s/.\n//;s/}/\n&/;s/\n.//' ) n="0" while [ $n -lt ${#imgflag[@]} ] do if [ ${imgflag[n]} -eq $buildnum ]; then n=$[$n+1] fi delimg=${imgflag[n]} aws ecr batch-delete-image --repository-name <repository_name> --image-ids imageTag=$delimg echo "ecr imagetag:$delimg is deleted" n=$[$n+1] done note: The images are differentiate with the image tags as a Bamboo build number All the images tags are collected in imgflag and iterate one by one and delete the images using the image tag