-
Encrypting Your Unencrypted RDS Instance with Python
Importance of Encryption Encrypting your RDS instance is a crucial security measure to protect your data. Unencrypted databases are vulnerable to unauthorized access if compromised. Encryption applies AES-256 encryption to your DB instance and snapshots, securing it from unauthorized access and meeting compliance requirements. Enabling encryption best aligns with AWS security best practices for data… Continue reading
-
Encrypt EBS Volume for an already launched EC2 Instance
Why Encrypt EBS Volumes? Encryption of EBS volumes is considered a security best practice for several reasons. Encryption protects sensitive data at rest in your EBS volumes from unauthorized access if the volumes become detached from an instance. Encryption uses AES-256 cryptographic algorithm to encrypt your volumes, which meets rigorous security standards. You maintain… Continue reading
-
Python/boto3 script to dump AWS Subnet information into a CSV File
Script Name – getSubnetInfo.py How to run the script: Make sure you have python3 installed and configured and is in path. Script takes takes 3 arguments. Usage: python getSubnetInfo.py -id 123456789 -r us-east-1 -f /tmp/subnetnfoList.csv You can run this python script against all of your AWS Accounts and all of the region by – Invoking… Continue reading
-
Python/Boto3 Script to list all the AWS resources in Default VPC across all the listed AWS Regions
Sometime you need to list all the AWS resources provisioned under Default VPC and you would like to list all such resources to get the visibility before you decide to delete the Default VPC. I wrote one python/boto3 script that lists all such resources and dump it in a CSV file. You can also invoke… Continue reading
-
Python/boto3 script to generate a CSV report for all the AWS Security groups NOT attached to any resource
Recently while working the customer, I was asked if there is any way to find all the Security groups that are NOT attached to any resources. It was more from housekeeping perspective. Ofcourse one can find it from within the AWS Console but the problem multiplies many fold if you are operating out of hundreds… Continue reading
-
Collection of some very useful scripts that you can run against your AWS Workload to generate various reports in CSV format
1.Script to generate Amazon EC2 Inventory report 2.Script to generate Amazon RDS Inventory report How to run the script: Make sure you have python/python3 installed, configured and is in path. Script takes 3 arguments. Usage: python <script_name> -id <AWS Account ID> -r <AWS Region> -f <CSV file name with path> e.g. if the script name… Continue reading
-
Boto3/Python script to list down all the EC2 instances making calls to Instance Metadata using IMDSv1
This blogpost is in context of recently released update to AWS EC2 instance metadata service (IMDSv2) for improving security and adding an additional defence in depth layer. Recently encoutered a scenariio where customer would like to get the list of EC2 instances that can be safely upgraded to IMDSv2 – without any impact to the… Continue reading
-
“git push” keeps asking password [Deprecating password authentication]
Today morning while pushing the changes to the github repository, I was constantly asked to provide the username and password at the console. Despite passing the correct username and password, I was not able to push the changes and rather message below It was working fine till yesterday night and hence was wondering what could… Continue reading
-
Boto3 script to delete existing VPC Interface Endpoints from a given AWS Account
Recently developed a script using Boto3 and Python to delete specific VPC Interface Endpoints. These endpoints were deployed as part of landing zone resources but are not being used currently. Such resources incur cost and hence if not used, it is good to remove them to save some cost. Intent is to call this script… Continue reading
About Me
I’m a Hands-On Technical & Entrprise Solutions Architect based out of Houston, TX. I have been working on Oracle ERP, Oracle Database and Cloud technologies for over 20 years and still going strong for learning new things.
You can connect me on Linkedin and also reach out to me
I am certified for 8x AWS, OCP (Oracle Certified Professionals), PMP, ITTL and 6 Sigma.
Disclaimer
This is a personal blog. Any views or opinions represented in this blog are personal and belong solely to the blog owner and do not represent those of people, institutions or organizations that the owner may or may not be associated with in professional or personal capacity, unless explicitly stated.
All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site.
The owner will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information. Any script available on the blog post MUST be tested before they are run against Production environment.
Recent Posts
- Encrypting Your Unencrypted RDS Instance with Python
- Encrypt EBS Volume for an already launched EC2 Instance
- Python/boto3 script to dump AWS Subnet information into a CSV File
- Python/Boto3 Script to list all the AWS resources in Default VPC across all the listed AWS Regions
- Python/boto3 script to generate a CSV report for all the AWS Security groups NOT attached to any resource