-
How Do I Create a Lifecycle Policy for an S3 Bucket? - Amazon Simple Storage Service
September 22, 2017 at 10:14:20 AM GMT+2 - permalink -To apply this lifecycle rule to all objects in the bucket, choose Next.
That's why wildcard was not working :D
-
http://docs.aws.amazon.com/AmazonS3/latest/user-guide/create-lifecycle.html
-
GitHub - abutaha/aws-es-proxy: aws-es-proxy is a small web server application sitting between your HTTP client (browser, curl, etc...) and Amazon Elasticsearch service.
September 5, 2017 at 5:35:53 PM GMT+2 * - permalink -Amazon Elasticsearch access control may be based on IAM account with signed request mechanism
One way not to rewrite all applications is using such a proxy
-
https://github.com/abutaha/aws-es-proxy
-
Note: List item in dynamo db table
August 18, 2017 at 11:10:05 AM GMT+2 - permalink -aws dynamodb scan --table-name foo
-
https://links.infomee.fr/?AqSZDA
-
Note: Delete dynamo db item in cmdline
August 18, 2017 at 11:08:55 AM GMT+2 - permalink -aws dynamodb delete-item --table-name foo --key "{\"id\":{\"S\":\"$id\"}}"
-
https://links.infomee.fr/?bx3KXg
-
SQS — Boto 3 Docs 1.4.4 documentation
July 12, 2017 at 11:37:59 AM GMT+2 - permalink -On peut "remettre" ou plutot rendre disponible de nouveau un message SQS en changeant sa visibility timeout à 0
-
http://boto3.readthedocs.io/en/latest/reference/services/sqs.html#SQS.Client.change_message_visibility
-
Note: Count object in bucket/folder
July 12, 2017 at 10:12:14 AM GMT+2 - permalink -aws s3 ls s3://bucket/path/ --recursive --summarize | grep "Total Objects:"
-
https://links.infomee.fr/?rcG0hg
-
set-repository-policy — AWS CLI 1.11.117 Command Reference
July 11, 2017 at 5:19:45 PM GMT+2 * - permalink -Truc con : on ne peut pas utiliser le résultat du get-repository-policy dans le set-repository-policy pour cloner.
Il faut au passage enlever les \n qui trainent dans la réponse
-
http://docs.aws.amazon.com/cli/latest/reference/ecr/set-repository-policy.html
-
Amazon Glacier Direct Upload vs Glacier Upload via Amazon S3
June 27, 2017 at 11:01:12 AM GMT+2 - permalink -So you can put your data into glacier with 2 differents ways:
1) directly to glacier via API
2) Store them to s3 then with a management policy, it'll go to GlacierWarning : Huge cost when you download from glacier and when you delete before 3 months
-
https://www.cloudberrylab.com/blog/compare-amazon-glacier-direct-upload-and-glacier-upload-through-amazon-s3/
-
Note: some draft about monitoring beanstalk applications health with boto3 python script
import pprintJune 15, 2017 at 11:12:05 AM GMT+2 * - permalink -
p = pprint.PrettyPrinter(indent=4)
p.pprint(x)
or
import pprint
pprint.pformat(x)
import logging
import pprint
logging.info(pprint.pformat(dict))
$ cat monitor_beanstalk.py
#!/bin/python
import boto3
import pprint
pp = pprint.PrettyPrinter(indent=4)
#List all env and status and instances health
client = boto3.client('elasticbeanstalk')
envs = client.describe_environments()['Environments']
#pp.pprint(envs)
for env in envs:
print 'ApplicationName: {} EnvironmentName: {} Health: {} HealthStatus: {} Status: {}'.format(env['ApplicationName'].ljust(30),env['EnvironmentName'].ljust(30),env['Health'].ljust(10),env.get('HealthStatus', 'N/A').ljust(10),env['Status'].ljust(10))
if (env['Health'] != 'Green') or (env.get('HealthStatus', 'N/A') != 'Ok' and env.get('HealthStatus', 'N/A') != 'N/A'):
print '\nProblem'
details = client.describe_environment_health(EnvironmentName=env['EnvironmentName'],AttributeNames=['All'])
#pp.pprint(details)
print details['Causes']
print details['InstancesHealth']
print '\n'
-
https://links.infomee.fr/?eFFzMg
-
Note: EFS size by api
June 13, 2017 at 11:56:27 AM GMT+2 * - permalink -aws efs describe-file-systems| jq '.FileSystems|.[]|[.Name, .SizeInBytes.Timestamp, .SizeInBytes.Value]' -c
Retourne une ligne par EFS
Sur chaque ligne, un array avec :
[0] = nom de l'efs
[1] = timestamp du moment où la taille a été calculée
[2] = la taille en bytesPour avoir la taille en GB :
aws efs describe-file-systems| jq '.FileSystems|.[]|[.Name, .SizeInBytes.Timestamp, .SizeInBytes.Value / 1024 /1024 / 1024]' -c
aws efs describe-file-systems| jq '.FileSystems|.[]|[.Name, .SizeInBytes.Value / 1024 /1024 / 1024]' -c
-
https://links.infomee.fr/?MzuW2A
-
Example 2: Bucket Owner Granting Cross-Account Bucket Permissions - Amazon Simple Storage Service
Donc pour autoriser un compte externe, on va créer une bucket policy sur notre bucket pour autoriser "arn:aws:iam::account_id:root" ou plus précis sur l'user arn:aws:iam::account_id:user/foobar ou le roleJune 12, 2017 at 8:48:42 AM GMT+2 * - permalink -
C'est le compte en face qui va décider qui a le droit de venir sur notre bucket avec des user policy standard (quand on est dans le contexte du compte en face, c'est comme si le bucket nous appartenait)
Exemple bucket policy à mettre sur le BUCKET de l'account A pour autoriser l'account xxx en RW
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Allow account_xx on aws account xxx RW",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::OTHER_ACCOUNT_ID:root"
},
"Action": ["s3:GetBucketLocation", "s3:ListBucket"],
"Resource": "arn:aws:s3:::BUCKET"
},
{
"Sid": "Allow account_xx on aws account xxx RW",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::OTHER_ACCOUNT_ID:root"
},
"Action": [
"s3:*"
],
"Resource": "arn:aws:s3:::BUCKET/*"
}
]
}
Pour Read only, remplacer action du deuxieme bloc par "Action": ["s3:Get*","s3:List*"],
-
http://docs.aws.amazon.com/AmazonS3/latest/dev/example-walkthroughs-managing-access-example2.html
-
![thumbnail]()
-
Note: s3 policy one bucket
ReadWrite :May 17, 2017 at 5:02:27 PM GMT+2 * - permalink -
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:GetBucketLocation", "s3:ListBucket"],
"Resource": [
"arn:aws:s3:::LeBucket"
]
},
{
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::LeBucket/*"
]
}
]
}
Pour Read only, remplacer action du deuxieme bloc par "Action": ["s3:Get*","s3:List*"],
-
https://links.infomee.fr/?Vp7r6Q
