Apollo Clark apolloclark

apolloclark / upgrade_hashistack.sh
Last active May 16, 2020
Bash scripts to upgrade locally installed HashiCorp programs
#!/bin/bash -eu
PACKAGE_LIST="terraform packer sentinel vagrant";
for PACKAGE in $PACKAGE_LIST; do
    # look up the latest stable version number of this package
    # keep TLS certificate verification on (no -k): this index determines what gets installed
    VERSION_LATEST=$(curl -sSL https://releases.hashicorp.com/index.json \
        | jq ".${PACKAGE}.versions | keys | .[]" | tr -d '"' \
        | grep -v 'alpha\|beta\|rc\|oci' | sort --version-sort | tail -n1);
done
View gist:14785e43260bec1026d49f5a4e2d6434
### Keybase proof
I hereby claim:
* I am apolloclark on github.
* I am apolloclark (https://keybase.io/apolloclark) on keybase.
* I have a public key ASC2AayT4Qb7Hxt6BAgO_ocgIbKf0IsyhmdaIalmO43ivAo
To claim this, I am signing this object:
apolloclark / docker image base oses.md
Last active Oct 14, 2019
Docker Images, Base OS Support Matrix

"Official Docker Image" Base OS Support Matrix

Analysis was performed on Aug 11, 2019.

Support Matrix

apolloclark / chef, puppet, ansible.md
Last active Oct 3, 2019
Chef, Puppet, Ansible comparison
apolloclark / build pipelines.md
Last active Jul 17, 2019
Nobody (Almost) Upgrades Servers in 2019

Nobody (Almost) Upgrades Servers Weekly in 2019

No one wants to run old software. We all appreciate using the latest stable version of a given piece of code, be it the OS, a service like Postgres, or an app on your phone. However, it's still difficult to accomplish that. Let's explore why and how to actually fix it.

Outdated Software is Easy to Find

When a company decides to "do security," they often do it to enable the sales team to "sell security." Let us not fool ourselves. No organization does security to make the world a better place. They do it because they realize they can sell to financial services, government, and medical industry customers, or the company has suffered a security breach. After 40+ years of security product marketing, the common wisdom of doing security is to buy: anti-virus, firewall, vulnerability manager, and a static analyzer. The first two have their own limitations, so I'll be focusing on what happens after a vulnerability manager finds something, and how to act

apolloclark / devsecops.md
Last active Aug 17, 2020
DevSecOps Overview

Overview

DevSecOps has finally become popular within the wider IT industry in 2019. I started as a web developer in 2001, learned about testing automation, system deployment automation, and "infrastructure as code" in 2012, when DevOps was becoming a popular term. DevOps became common after the release of The Phoenix Project in Jan 2013. It has taken 7 years for security to become integrated within the DevOps methodology. The following is a list of concepts I go through with project owners, project managers, operations, developers, and security teams, to help establish how mature their DevOps and security automation is, and to help them increase that maturity over time.

Criticality

PII and public facing = high
PII and internal facing = medium
no PII and public facing = medium
no PII and internal facing = low

View system testing.md
View SOC Team.md

SOC Team

Interview questions?

  1. Attitude - What do you want to learn?
  2. Knowledge - What do you read for books, blogs, podcasts, Twitter?
  3. Skills - OSI model, nmap, aws-cli, Bash, Powershell, Python?
  4. Tools - Do we have log monitor, alerts, reporting?
  5. Training - Which certs?
  6. Mentorship - How do you want to get trained internally?
View Example SOC Alert Ticket.md

Example SOC Alert Ticket

Summary

Load Balancers without TLS/SSL enabled.

Timeline of Response

  • alert detected on 2019-03-27
  • ticket opened on 2019-03-27
  • must be closed by 2019-04-03, per Company SLA
View aws_inventory.py
#!/usr/bin/python
import skew, json, placebo, os, sys
from pprint import pprint
from datetime import datetime
from elasticsearch import Elasticsearch
# parse command line args
arn_list = {
# logging