Skip to content

Instantly share code, notes, and snippets.

automating the world

Apollo Clark apolloclark

automating the world
View GitHub Profile
apolloclark /
Created Jan 26, 2021
Google Cloud cheatsheet
# list current config details
gcloud info

# list accounts
gcloud auth list

# list availalbe configs
gcloud config configurations list
apolloclark /
Last active May 16, 2020
Bash scripts to upgrade locally installed HashiCorp programs
#!/bin/bash -eu
PACKAGE_LIST="terraform packer sentinel vagrant";
# retrieve a link to the latest version of Terraform
| jq ".${PACKAGE}.versions | keys | .[]" | tr -d '"' \
| grep -v 'alpha\|beta\|rc\|oci' | sort --version-sort | tail -n1);
View gist:14785e43260bec1026d49f5a4e2d6434
### Keybase proof
I hereby claim:
* I am apolloclark on github.
* I am apolloclark ( on keybase.
* I have a public key ASC2AayT4Qb7Hxt6BAgO_ocgIbKf0IsyhmdaIalmO43ivAo
To claim this, I am signing this object:
apolloclark / docker image base
Last active Jun 30, 2021
Docker Images, Base OS Support Matrix
View docker image base

"Official Docker Image" Base OS Support Matrix

Analysis was performced on Aug 11, 2019.

Support Matrix

apolloclark / chef, puppet,
Last active Jun 30, 2021
Chef, Puppet, Ansible comparison
View chef, puppet,
apolloclark / build
Last active Jul 17, 2019
Nobody (Almost) Upgrades Servers in 2019
View build

Nobody (Almost) Upgrades Servers Weekly in 2019

No one wants to run old software. We all appreciate using the latest stable version of a given piece of code, be it the OS, a service like Postgres, or an app on your phone. However, it's still difficult to accomplish that. Let's explore why and how to actually fix it.

Outdated Software is Easy to Find

When a company decides to "do security," they often do it to enable the sales team to "sell security." Let us not fool ourselves. No organization does security to make the world a better place. They do it because they realize they can sell to financial services, government, and medical industry customers, or the company has suffered a security breach. After 40+ years of security product marketing, the common wisdom of doing security is to buy: anti-virus, firewall, vulnerability manager, and a static analyzer. The first two have their own limitations, so I'll be focusing on what happens after a vulnerability managers finds something, and how to act

apolloclark /
Last active Aug 3, 2021
DevSecOps Overview


DevSecOps has finally become popular within the wider IT industry in 2019. I started as a web developer in 2001, learned about testing automation, system deployment automation, and "infrastructure as code" in 2012, when DevOps has becoming a popular term. DevOps became common after the release of The Phoenix Project in Jan 2013. It has taken 7 years for security to become integrated within the devops methodology. The following is a list of concepts I go through with project owners, project managers, operations, developers, and security teams, to help establish how mature their devops and security automation is, and to help them increase that maturity over time. This model is based on experience consulting with a variety of US Financial, Healthcare, and Department of Defense, organizations, and combines:

View system
View SOC

SOC Team

Interview questions?

  1. Attitude - What do you want to learn?
  2. Knowledge - What do you read for books, blogs, podcasts, Twitter?
  3. Skills - OSI model, nmap, aws-cli, Bash, Powershell, Python?
  4. Tools - Do we have log monitor, alerts, reporting?
  5. Training - Which certs?
  6. Mentorship - How do you want to get trained internally?
View Example SOC Alert

Example SOC Alert Ticket


Load Balancers without TLS/SSL enabled.

Timeline of Response

  • alert detected on 2019-03-27
  • ticket opened on 2019-03-27
  • must be closed by 2019-04-03, per Company SLA