automating the world

Apollo Clark apolloclark

apolloclark /
Last active May 16, 2020
Bash scripts to upgrade locally installed HashiCorp programs
#!/bin/bash -eu
PACKAGE_LIST="terraform packer sentinel vagrant";
# retrieve a link to the latest version of Terraform
| jq ".${PACKAGE}.versions | keys | .[]" | tr -d '"' \
| grep -v 'alpha\|beta\|rc\|oci' | sort --version-sort | tail -n1);
View gist:14785e43260bec1026d49f5a4e2d6434
### Keybase proof
I hereby claim:
* I am apolloclark on github.
* I am apolloclark ( on keybase.
* I have a public key ASC2AayT4Qb7Hxt6BAgO_ocgIbKf0IsyhmdaIalmO43ivAo
To claim this, I am signing this object:
apolloclark / docker image base
Last active Oct 14, 2019
Docker Images, Base OS Support Matrix

"Official Docker Image" Base OS Support Matrix

Analysis was performed on Aug 11, 2019.

Support Matrix

apolloclark / chef, puppet,
Last active Oct 3, 2019
Chef, Puppet, Ansible comparison
apolloclark / build
Last active Jul 17, 2019
Nobody (Almost) Upgrades Servers in 2019

Nobody (Almost) Upgrades Servers Weekly in 2019

No one wants to run old software. We all appreciate using the latest stable version of a given piece of code, be it the OS, a service like Postgres, or an app on your phone. However, it's still difficult to accomplish that. Let's explore why and how to actually fix it.

Outdated Software is Easy to Find

When a company decides to "do security," they often do it to enable the sales team to "sell security." Let us not fool ourselves. No organization does security to make the world a better place. They do it because they realize they can sell to financial services, government, and medical industry customers, or the company has suffered a security breach. After 40+ years of security product marketing, the common wisdom of doing security is to buy: anti-virus, firewall, vulnerability manager, and a static analyzer. The first two have their own limitations, so I'll be focusing on what happens after a vulnerability manager finds something, and how to act

apolloclark /
Last active Aug 17, 2020
DevSecOps Overview


DevSecOps has finally become popular within the wider IT industry in 2019. I started as a web developer in 2001, learned about testing automation, system deployment automation, and "infrastructure as code" in 2012, when DevOps was becoming a popular term. DevOps became common after the release of The Phoenix Project in Jan 2013. It has taken 7 years for security to become integrated within the devops methodology. The following is a list of concepts I go through with project owners, project managers, operations, developers, and security teams, to help establish how mature their devops and security automation is, and to help them increase that maturity over time.


PII and public facing = high
PII and internal facing = medium
no PII and public facing = medium
no PII and internal facing = low

View system
View SOC

SOC Team

Interview questions?

  1. Attitude - What do you want to learn?
  2. Knowledge - What do you read for books, blogs, podcasts, Twitter?
  3. Skills - OSI model, nmap, aws-cli, Bash, Powershell, Python?
  4. Tools - Do we have log monitor, alerts, reporting?
  5. Training - Which certs?
  6. Mentorship - How do you want to get trained internally?
View Example SOC Alert

Example SOC Alert Ticket


Load Balancers without TLS/SSL enabled.

Timeline of Response

  • alert detected on 2019-03-27
  • ticket opened on 2019-03-27
  • must be closed by 2019-04-03, per Company SLA
import skew, json, placebo, os, sys
from pprint import pprint
from datetime import datetime
from elasticsearch import Elasticsearch
# parse command line args
arn_list = {
# logging