David Norman deekayen

@deekayen
deekayen / 1-1000.txt
Last active Mar 4, 2021
1,000 most common US English words
View 1-1000.txt
the
of
to
and
a
in
is
it
you
that
@deekayen
deekayen / .gitlab-ci.yml
Last active Feb 15, 2021
Scan a Docker container with Prisma Cloud Twistlock twistcli and report the results to the Prisma Cloud dashboard. Some variables are stored in the repository's CI variables configuration in the GitLab web interface. The $prisma_cloud_compute_url should be something like https://us-east1.cloud.twistlock.com/us-2-1111111111111, not https://api2.p…
View .gitlab-ci.yml
prisma-cloud:
  tags:
    - kubernetes
  stage: test
  image: docker:stable
  services:
    - name: docker:dind
      entrypoint: ["env", "-u", "DOCKER_HOST"]
      command: ["dockerd-entrypoint.sh"]
  variables:
@deekayen
deekayen / deekayen_iterm_profile.json
Created Dec 18, 2020
My custom iTerm default profile for deekayen-macbook
View deekayen_iterm_profile.json
{
"Working Directory" : "\/Users\/deekayen",
"Prompt Before Closing 2" : 0,
"Selected Text Color" : {
"Green Component" : 1,
"Blue Component" : 0.999828040599823,
"Red Component" : 0.99989014863967896
},
"Rows" : 25,
"Ansi 11 Color" : {
@deekayen
deekayen / twistlock_runtime_container.sh
Created Dec 7, 2020
Pull CSV output from the Twistlock API to list vulnerabilities in runtime images and their hosts. Prints to screen.
View twistlock_runtime_container.sh
#!/bin/bash
API="us-east1.cloud.twistlock.com/us-2-158255947"
echo "Logging in..."
JWT="$(curl -s \
-H "Content-Type: application/json" \
-X POST \
-d \
'{
@deekayen
deekayen / README.md
Last active Nov 18, 2020
AWS HIPAA eligible services to process, store, and transmit protected health information (PHI) translated to AWS CLI service commands.
View README.md

Help yourself get a quick idea of what services are permitted for HIPAA-protected PHI in AWS. AWS gives you a list that's formatted in all the formal marketing names, but this translates it to the AWS CLI commands.

This list was manually generated from the AWS HIPAA Eligible Services Reference based on me using my eyeballs to compare the reference page to the AWS CLI version 2 documentation list of commands. I inferred some commands, like appconfig as a capability of Systems Manager, or dlm as part of Elastic Block Store, which are permitted services.

You should expect to find errors, omissions, and other legal problems, as you should expect from random, free stuff you find on the Internet.

@deekayen
deekayen / README.md
Last active Nov 18, 2020
Loop through AWS accounts to get a list of services they're using. Expects aliases to be already configured and logged-in on saml2aws.
View README.md

Set up each account alias (e.g. 0440) in ~/.saml2aws:

[0440]
app_id               =
url                  = https://yourcompany.okta.com/home/amazon_aws/0oampop23kld3JI9b0x7/272
username             = david.norman@example.com
provider             = Okta
mfa                  = PUSH
skip_verify          = false
@deekayen
deekayen / .aws_config
Last active Nov 17, 2020
Connect to AWS using saml2aws 2.27.1 on MacOS installed by homebrew via Okta configured with PUSH MFA.
View .aws_config
[profile sandbox]
region = us-east-1
[profile dev]
region = us-east-1
[profile prod]
region = us-east-1
[default]
@deekayen
deekayen / saml-list-all.sh
Last active Nov 9, 2020
List all services used in AWS with aws-list-all python pip package.
View saml-list-all.sh
#!/bin/zsh
saml2aws exec 'aws-list-all query --parallel 1 --region us-east-1 | grep "+++" | cut -d" " -f2 | sort | uniq'
@deekayen
deekayen / .gitlab-ci.yml
Created Oct 22, 2020
Lint Ansible using GitLab Runners in kubernetes.
View .gitlab-ci.yml
---
default:
  image:
    name: cytopia/ansible:latest-tools
    entrypoint: ["/bin/sh", "-c"]
  tags:
    - kubernetes
ansible-lint:
@deekayen
deekayen / upgrade.sh
Last active Aug 27, 2020
Upgrade Ansible AWX containers
View upgrade.sh
docker stop awx_task
docker rm awx_task
docker rmi ansible/awx_task:latest
docker stop awx_web
docker rm awx_web
docker rmi ansible/awx_web:latest
git pull
cd installer