Curated list of security tools
💰 - Commercial Tool
# Clean up Unused and Orphaned Persistent Disks | |
# Enable APIs and Clone Repository | |
gcloud services enable cloudscheduler.googleapis.com | |
git clone https://github.com/GoogleCloudPlatform/gcf-automated-resource-cleanup.git && cd gcf-automated-resource-cleanup/ | |
export PROJECT_ID=$(gcloud config list --format 'value(core.project)' 2>/dev/null) | |
WORKDIR=$(pwd) | |
# Create Persistent Disks | |
cd $WORKDIR/unattached-pd |
Tools
Presentations
#!/bin/bash | |
# | |
# Create Kubernetes user. Require cfssl. | |
# | |
# Usage: | |
# ./create-user.sh <kubernetes api host> <fulle name> <clusterrole> | |
# | |
# Example: | |
# ./create-user.sh k8s-api.my-domain.com "Jane Doe" my-project:admin |
#!/bin/sh | |
# Launch a Pod ab-using a privileged=true to land on a Kubernetes node cluster as root, | |
# uses `privileged: true` to then nsenter init mount its (root) namespace, | |
# hostPID and hostNetwork already set for the Pod. | |
node=${1} | |
case "${node}" in | |
"") | |
nodeSelector='' | |
podName=${USER+${USER}-}sudo-any | |
;; |
| Title | Description
apiVersion: extensions/v1beta1 | |
kind: PodSecurityPolicy | |
metadata: | |
name: restricted | |
annotations: | |
seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' | |
apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' | |
seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' | |
apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' | |
spec: |
# Please note, the commands below will create unreadable files and should be | |
# used for testing file size only. If you're looking for something that has | |
# lines in it, use /dev/urandom instead of /dev/zero. You'll then be able to | |
# read the number of lines in that file using `wc -l large-file.1mb.txt` | |
# Create a 1MB file | |
dd if=/dev/zero of=large-file-1mb.txt count=1024 bs=1024 | |
# Create a 10MB file | |
dd if=/dev/zero of=large-file-10mb.txt count=1024 bs=10240 |