Besides IAM users, some AWS services can also assume roles. Here is an example of granting assume-role permission to an EC2 instance. The scenario is that I have two accounts: in account A, I created a role (e.g. RoleForB) to trust account B, and added an IAM policy to allow it to perform some read … Continue reading EC2 Instance assume role in other accounts
AWS cross accounts access S3 buckets
When working on AWS cross-account S3 access, I found out that only three actions, s3:CreateBucket, s3:ListAllMyBuckets and s3:GetBucketLocation, are allowed to set the relative-id of Resource to "*". For all other bucket actions, you must specify a bucket name. E.g., if I want to allow a user from account B to put objects into … Continue reading AWS cross accounts access S3 buckets
Akamai Error Reference Translator
Instead of using the Akamai console, I wrote a script to translate the error code into human-readable language. It can be downloaded from here. To run the script, you need to get the API token, secret ... from your Akamai admin first. It is under Configure/ Manage API in the console. How it looks … Continue reading Akamai Error Reference Translator
Generate python script for SCORCH runbook
I wrote a simple script called py4runbook.py to generate Python scripts for Microsoft System Center Orchestrator runbooks. Thanks to the module pyHyperV, it makes my work much easier 🙂 The script can be downloaded from my GitHub repo. It looks like the following when it runs. The script needs Python version 3. The generated Python scripts … Continue reading Generate python script for SCORCH runbook
Install Kubernetes
Above is the Kubernetes design architecture. In my POC environment, I have written a script to install and configure Kubernetes. I have tested it on RHEL 7; I think it should work on CentOS 7 as well, but I have not tested it yet. Please be aware that the script uses the latest code from … Continue reading Install Kubernetes