Anjul Sahu anjuls

## SAST Tools.md

      
              1 file
            
          
              2 forks
            
          
              0 comments
            
          
              3 stars
            
          
                OTaKuHP
                / SAST Tools.md
            
            
              Last active
              January 21, 2023 06:19
            
          
    SAST Tools

Curated list of security tools
💰 - Commercial Tool
Secrets Detection

Proactive


## secure-gcp-checklist.md

      
              1 file
            
          
              7 forks
            
          
              0 comments
            
          
              8 stars
            
          
                mikesparr
                / secure-gcp-checklist.md
            
            
              Created
              January 11, 2021 02:37
            
              
                Secure Google Cloud Platform Checklist
              
          
    Secure GCP infrastructure checklists

Initial setup


 Configure org policies

 Restrict allowed IAM domains
 Disable key download
 Disable default network
 Disable external IP
 Require shielded VM


 Prepare for VPC service controls (data protection)


## Clean up Unused and Orphaned Persistent Disks
# Clean up Unused and Orphaned Persistent Disks

# Enable APIs and Clone Repository
gcloud services enable cloudscheduler.googleapis.com
git clone https://github.com/GoogleCloudPlatform/gcf-automated-resource-cleanup.git && cd gcf-automated-resource-cleanup/
export PROJECT_ID=$(gcloud config list --format 'value(core.project)' 2>/dev/null)
WORKDIR=$(pwd)

# Create Persistent Disks
cd $WORKDIR/unattached-pd

## ckad-learning.md

      
              1 file
            
          
              14 forks
            
          
              7 comments
            
          
              40 stars
            
          
                benc-uk
                / ckad-learning.md
            
            
              Last active
              November 8, 2023 23:12
            
              
                CKAD Exam
              
          
    Official Exam Links & Resources


Main certification landing page
Handbook
Importannt Tips
CKAD FAQ

The Exam Itself


CNCF Training Portal
System Checker


## cka-resources.md

      
              1 file
            
          
              46 forks
            
          
              0 comments
            
          
              53 stars
            
          
                strongjz
                / cka-resources.md
            
            
              Last active
              April 1, 2023 18:35
            
              
                CKA resources
              
          
    Tools

Kops	https://github.com/kubernetes/kops/blob/master/docs/README.md
Kubectl	https://kubernetes.io/docs/tasks/tools/install-kubectl/
kubespy	https://blog.pulumi.com/kubespy-trace-a-real-time-view-into-the-heart-of-a-kubernetes-service
kops	https://icicimov.github.io/blog/virtualization/Kubernetes-Cluster-in-AWS-with-Kops/

Presentations

  
## create-user.sh
#!/bin/bash
#
# Create Kubernetes user. Require cfssl.
#
# Usage:
#   ./create-user.sh <kubernetes api host> <fulle name> <clusterrole>
#
# Example:
#   ./create-user.sh k8s-api.my-domain.com "Jane Doe" my-project:admin

## kubectl-root-in-host.sh
#!/bin/sh
# Launch a Pod ab-using a privileged=true to land on a Kubernetes node cluster as root,
# uses `privileged: true` to then nsenter init mount its (root) namespace,
# hostPID and hostNetwork already set for the Pod.
node=${1}
case "${node}" in
"")
    nodeSelector=''
    podName=${USER+${USER}-}sudo-any
    ;;

## reinvent-2017-youtube.md

      
              1 file
            
          
              73 forks
            
          
              3 comments
            
          
              258 stars
            
          
                stevenringo
                / reinvent-2017-youtube.md
            
            
              Created
              December 3, 2017 23:01
            
              
                 Links to YouTube recordings of AWS re:Invent 2017 sessions
              
          
    | Title | Description

  
## restricted-psp.yaml
apiVersion: extensions/v1beta1
kind: PodSecurityPolicy
metadata:
  name: restricted
  annotations:
    seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default'
    apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default'
    seccomp.security.alpha.kubernetes.io/defaultProfileName:  'docker/default'
    apparmor.security.beta.kubernetes.io/defaultProfileName:  'runtime/default'
spec:

## create-large-file.sh
# Please note, the commands below will create unreadable files and should be
# used for testing file size only. If you're looking for something that has
# lines in it, use /dev/urandom instead of /dev/zero. You'll then be able to
# read the number of lines in that file using `wc -l large-file.1mb.txt`

# Create a 1MB file
dd if=/dev/zero of=large-file-1mb.txt count=1024 bs=1024

# Create a 10MB file
dd if=/dev/zero of=large-file-10mb.txt count=1024 bs=10240
	# Clean up Unused and Orphaned Persistent Disks

	# Enable APIs and Clone Repository
	gcloud services enable cloudscheduler.googleapis.com
	git clone https://github.com/GoogleCloudPlatform/gcf-automated-resource-cleanup.git && cd gcf-automated-resource-cleanup/
	export PROJECT_ID=$(gcloud config list --format 'value(core.project)' 2>/dev/null)
	WORKDIR=$(pwd)

	# Create Persistent Disks
	cd $WORKDIR/unattached-pd
	#!/bin/bash
	#
	# Create Kubernetes user. Require cfssl.
	#
	# Usage:
	# ./create-user.sh <kubernetes api host> <fulle name> <clusterrole>
	#
	# Example:
	# ./create-user.sh k8s-api.my-domain.com "Jane Doe" my-project:admin
	#!/bin/sh
	# Launch a Pod ab-using a privileged=true to land on a Kubernetes node cluster as root,
	# uses `privileged: true` to then nsenter init mount its (root) namespace,
	# hostPID and hostNetwork already set for the Pod.
	node=${1}
	case "${node}" in
	"")
	nodeSelector=''
	podName=${USER+${USER}-}sudo-any
	;;
	apiVersion: extensions/v1beta1
	kind: PodSecurityPolicy
	metadata:
	name: restricted
	annotations:
	seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default'
	apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default'
	seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'
	apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
	spec:
	# Please note, the commands below will create unreadable files and should be
	# used for testing file size only. If you're looking for something that has
	# lines in it, use /dev/urandom instead of /dev/zero. You'll then be able to
	# read the number of lines in that file using `wc -l large-file.1mb.txt`

	# Create a 1MB file
	dd if=/dev/zero of=large-file-1mb.txt count=1024 bs=1024

	# Create a 10MB file
	dd if=/dev/zero of=large-file-10mb.txt count=1024 bs=10240