Bharathkumar Bharathkumarraju

View error.log
amazon-ebs: },
amazon-ebs: "os_useradd_create_home": true,
amazon-ebs: "os_useradd_mail_dir": "/var/spool/mail"
amazon-ebs: },
amazon-ebs: "ansible_included_var_files": [
amazon-ebs: "/root/.ansible/roles/dev-sec.os-hardening/vars/RedHat.yml"
amazon-ebs: ],
amazon-ebs: "ansible_loop_var": "item",
amazon-ebs: "changed": false,
amazon-ebs: "item": "/root/.ansible/roles/dev-sec.os-hardening/vars/RedHat.yml"
View packer_vars.json
{
"gcp_image_family": "rhel-7",
"gcp_zone": "asia-southeast1-a",
"gcp_ssh_user": "gce-user",
"aws_region": "ap-southeast-1",
"aws_ami_filter_name": "RHEL-7.7*x86*",
"aws_base_ami_owner": "309956199498",
"aws_ami_name": "RHEL-7.7",
"aws_instance_type": "t2.medium",
"aws_ssh_user": "ec2-user"
View hardening.yml
---
# Provisioning play that applies the dev-sec OS and SSH hardening roles to
# every host in the inventory.
# NOTE(review): the roles are referenced by name only; no version is visible
# here. Pin them where they are installed (for example in requirements.yml)
# so that rebuilding the image later applies the same hardening baseline.
- name: Harden the image
  hosts: all
  # Escalate privileges for every task in the play.
  become: true
  roles:
    - dev-sec.os-hardening
    - dev-sec.ssh-hardening
  # Play-level variables, visible to both roles.
  vars:
    # Overrides the ssh-hardening role's PAM setting for sshd.
    # NOTE(review): with PAM enabled, confirm the rendered sshd_config still
    # disables password and keyboard-interactive authentication, so that key
    # login remains the only way in.
    ssh_use_pam: true # to allow access with our key on ec2
View sample_rhel_packer.json
{
"variables": {
"aws_access_key": "{{env `AWS_ACCESS_KEY`}}",
"aws_secret_key": "{{env `AWS_SECRET_KEY`}}",
"aws_instance_type": "{{env `AWS_INSTANCE_TYPE`}}",
"aws_ami_name": "{{env `AWS_AMI_NAME`}}",
"aws_region": "{{env `AWS_REGION`}}",
"aws_ami_filter_name": "{{env `AWS_AMI_FILTER_NAME`}}",
"aws_base_ami_owner": "{{env `AWS_BASE_AMI_OWNER`}}"
},
View Sample_docker_file
# Base image tag, overridable at build time. An ARG declared before FROM is
# only in scope for the FROM line itself.
ARG ALPINE_VERSION=3.11
# NOTE(review): a tag is mutable; pin the base image by digest if the build
# has to be reproducible.
FROM alpine:${ALPINE_VERSION}
# packages version
ARG PACKER_VERSION=1.6.0
# PARAMETERS
# Release archive URL derived from PACKER_VERSION (linux/amd64 build).
# NOTE(review): the step that downloads this URL is outside this excerpt.
# Whatever fetches it should verify the archive against the SHA256SUMS file
# published next to the release before unpacking it; HTTPS alone does not
# protect against a replaced artifact.
ARG PACKER_URL="https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_linux_amd64.zip"
View sample aws policy for packer
{
"Statement": [
{
"Sid": "PackerSecurityGroupAccess",
"Action": [
"ec2:CreateSecurityGroup",
"ec2:DeleteSecurityGroup",
"ec2:DescribeSecurityGroups",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:RevokeSecurityGroupIngress"
Bharathkumarraju / list_all_k8s_resources.sh
Last active May 19, 2020
List all available api resources in all namespaces in kubernetes cluster
View list_all_k8s_resources.sh
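#!/bin/bash
# Print every listable API resource type in the cluster, each followed by the
# objects of that type across all namespaces.
#
# The output is a complete inventory of the cluster, including the names of
# Secrets, ServiceAccounts and RBAC objects. Store and share it with the same
# care as other cluster-sensitive data.

# --verbs=list drops types that cannot be listed, for which `kubectl get`
# would only print an error. -o name prints one "resource.group" per line, so
# no header stripping is needed and same-named types in different API groups
# stay distinct.
ALL_RESOURCES=$(kubectl api-resources --verbs=list -o name)

# Word splitting is intentional here: resource names contain no whitespace.
for resource in $ALL_RESOURCES
do
    printf '%s\n------------------------------------------------------------------\n' "$resource"
    # A failure for one type (for example RBAC denying list) is reported by
    # kubectl and the loop carries on with the next type.
    kubectl get "$resource" --all-namespaces
    printf '\n\n'
done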
View interrupt_a_job_opt.yml
jobs:
  # Gate job: it succeeds only when the pusher's name is 'vibou'.
  should_run:
    name: should run the next job
    runs-on: ubuntu-latest
    steps:
      # github.event.pusher.name comes from the push event payload (the
      # account that pushed), not from the commit's author field.
      # NOTE(review): the `on:` trigger is outside this excerpt. For events
      # that carry no pusher object the comparison below is true, so the job
      # fails.
      # NOTE(review): anyone who can push to the workflow file can edit this
      # check, so treat it as a convenience gate. Keep branch protection or
      # environment approvals as the actual control.
      - name: check if vb is the commiter
        if: github.event.pusher.name != 'vibou'
        run: exit 1 # the job fails if not vibou
perform_action:
name: should run the next job
Bharathkumarraju / networking.tf
Created Oct 1, 2019 — forked from duduribeiro/networking.tf
Terraform staging - networking.tf
View networking.tf
# Instantiates the local networking module. Every input is passed straight
# through from a root-level variable of the same name.
# The "${var.x}" wrapper is the Terraform 0.11 form; it is kept as written.
module "networking" {
  # Local relative path: the module code comes from this repository, so there
  # is no remote source or version constraint to pin.
  source              = "../modules/networking"
  environment         = "${var.environment}"
  vpc_cidr            = "${var.vpc_cidr}"
  public_subnet_cidr  = "${var.public_subnet_cidr}"
  private_subnet_cidr = "${var.private_subnet_cidr}"
  region              = "${var.region}"
  availability_zone   = "${var.availability_zone}"
  # NOTE(review): presumably the SSH key pair name for an instance the module
  # launches. Confirm in ../modules/networking which host receives it and
  # which security group rules expose that host.
  key_name            = "${var.key_name}"
}
View Dockerfile
# dump build stage
# Stage "dumper" starts from the PostgreSQL 11 Alpine image.
FROM postgres:11-alpine as dumper
# Place the SQL dump in the image's init-script directory.
# NOTE(review): later stages are outside this excerpt. If the loaded data
# directory is copied into the final image, the dump's contents ship in its
# layers, so make sure test_dump.sql holds no production data or credentials.
COPY test_dump.sql /docker-entrypoint-initdb.d/
# Patch the entrypoint script in place: its `exec "$@"` line is replaced by an
# echo of "skipping...", so the script no longer execs the command passed to it.
RUN ["sed", "-i", "s/exec \"$@\"/echo \"skipping...\"/", "/usr/local/bin/docker-entrypoint.sh"]
# NOTE(review): the stock postgres entrypoint reads POSTGRES_USER; PG_USER is
# presumably consumed by a step not shown here. Confirm.
ENV PG_USER=postgres
# Move the data directory to /data.
ENV PGDATA=/data