anthonygrees

{
  "reportName": "AWS Reesy Test 1",
  "reportType": "COMPLIANCE",
  "subReportType": "AWS",
  "reportDefinition": {
    "sections": [
      {
        "category": "1",
        "title": "1: Identity and Access Management",
        "policies": [

anthonygrees

apiVersion: v1
kind: Service
metadata:
  name: lacework-proxy-scanner
  namespace: proxy-scanner
  labels:
    app: lacework-proxy-scanner
spec:
  type: LoadBalancer
  ports:

anthonygrees

NAME                                                  TITLE
abusiveexperiencereport.googleapis.com                Abusive Experience Report API
acceleratedmobilepageurl.googleapis.com               Accelerated Mobile Pages (AMP) URL API
accessapproval.googleapis.com                         Access Approval API
accesscontextmanager.googleapis.com                   Access Context Manager API
actions.googleapis.com                                Actions API
adexchangebuyer-json.googleapis.com                   Ad Exchange Buyer API
adexchangebuyer.googleapis.com                        Ad Exchange Buyer API II
adexchangeseller.googleapis.com                       Ad Exchange Seller API
adexperiencereport.googleapis.com                     Ad Experience Report API

anthonygrees

## You can use `arn:aws:iam::aws:policy/ReadOnlyAccess ` 
##
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "elasticloadbalancing:DescribeLoadBalancers",

anthonygrees

Kubernetes Overview & Security

K8s Abbreviation Reference: https://github.com/cncf/foundation/blob/master/style-guide.md#:~:text=Abbreviation%3A%20K8s%20(sometimes%20k8s),which%20gets%20the%20capitalization%20wrong

Kubernetes.io reference: https://kubernetes.io/docs/concepts/overview/what-is-kubernetes/

Microservice architecture: https://divante.com/blog/wp-content/uploads/2020/01/Frame-1.png

K8s Component icons: https://docs.google.com/presentation/d/15h_MHjR2fzXIiGZniUdHok_FP07u1L8MAX5cN1r0j4U

anthonygrees

Splunk AD account lockout dashboard

index=windows eventtype="msad-account-lockout" (host=*) 
| eval src_nt_host=if(isnull(src_nt_host),host,src_nt_host) 
| eval lockout=if(EventCode==644 OR EventCode==4740,"Yes","No")
| stats latest(_time) AS time, latest(src_nt_host) AS host, latest(lockout) AS lockout by dest_nt_domain, user
| search lockout="Yes"
| eval ltime=strftime(time,"%c")
| table ltime, user, host

anthonygrees

Set up ZSH on your Mac

Use this blog.

https://www.freecodecamp.org/news/how-to-configure-your-macos-terminal-with-zsh-like-a-pro-c0ab3f3c1156/

anthonygrees

Removing Ruby 2.5 (core/ruby) AND Chef Infra Server and Workflow from the AIB

Creating the AIB

1. Clone the Automate source with git

git clone https://github.com/chef/automate.git
cd automate

2. Checkout the branch that updates InSpec to a version that uses Ruby 2.6

anthonygrees

Centos

aws ec2 describe-images \
    --owners aws-marketplace \
    --filters '[
        {"Name": "name",                "Values": ["CentOS Linux 7*"]},
        {"Name": "virtualization-type", "Values": ["hvm"]},
        {"Name": "architecture",        "Values": ["x86_64"]},
        {"Name": "image-type",          "Values": ["machine"]}

anthonygrees

aws_lambda

Use the aws_lambda resource to test a specific lambda.

Syntax

    describe aws_lambda do
      it { should exist}    
      its ('handler') { should eq 'main.on_event'}
 its ('version') { should eq '$LATEST' }