Brian Green greenbrian
@apolloclark
apolloclark / devsecops_maturity_model.md
Last active January 22, 2024 05:08
DevSecOps Maturity Model

DevSecOps Maturity Model

DevSecOps has finally become popular within the wider IT industry in 2019. I started as a web developer in 2001, learned about testing automation, system deployment automation, and "infrastructure as code" in 2012, when DevOps was becoming a popular term. DevOps became common after the release of The Phoenix Project in Jan 2013. It has taken 7+ years for security to become integrated within the DevOps methodology. The following is a list of concepts I go through with project owners, project managers, operations, developers, and security teams, to help establish how mature their DevOps and security automation is, and to help them increase that maturity over time. This model is based on experience consulting with a variety of US Financial, Healthcare, and Department of Defense organizations, and combines:

@dnase
dnase / README.md
Last active September 26, 2022 18:12

get_enterprise_url.py

Gets download URLs for Vault Enterprise and Consul Enterprise

Prerequisites:

Semver is the only external dependency. pip install semver

Usage:

python get_enterprise_url.py -h will display all flags and options.

@Lowess
Lowess / 0_module_ec2_sg_main.tf
Last active September 25, 2017 21:35
Terraform with count
resource "aws_security_group" "sg" {
  vpc_id      = "${var.vpc}"
  name        = "${var.name}"
  description = "${var.description}"
  tags        = "${merge(var.tags, map("Name", format("%s", var.name)))}"
}
resource "aws_security_group_rule" "sg_rule_sg_ids" {
  count = "${length(var.inbound_sources) * (var.add_rules ? 1 : 0)}"
  type  = "${var.type}"
@tuannvm
tuannvm / 0.12.tf
Last active December 3, 2022 18:50
#terraform #hashicorp #cheatsheet #0.12
#### first class expression
variable "ami" {}
resource "aws_instance" "example" {
  ami = var.ami
}
#### list & map
resource "aws_instance" "example" {
  vpc_security_group_ids = var.security_group_id != "" ? [var.security_group_id] : []
}
@joelthompson
joelthompson / README.md
Last active March 12, 2024 10:14
Vault Auth
@slackpad
slackpad / bootstrap.md
Last active September 27, 2020 17:57
Bootstrapping Consul Servers with Version 8 ACLs Enabled (v0.8.1)
@maxvt
maxvt / infra-secret-management-overview.md
Last active February 28, 2024 20:53
Infrastructure Secret Management Software Overview

Currently, there is an explosion of tools that aim to manage secrets for automated, cloud native infrastructure management. Daniel Somerfield did some work classifying the various approaches, but (as far as I know) no one has made a recent effort to summarize the various tools.

This is an attempt to give a quick overview of what can be found out there. The list is alphabetical. There will be tools that are missing, and some of the facts might be wrong--I welcome your corrections. For the purpose, I can be reached via @maxvt on Twitter, or just leave me a comment here.

There is a companion feature matrix of various tools. Comments are welcome in the same manner.

@L422Y
L422Y / osx_automount_nfs.md
Last active May 4, 2024 14:26
Automounting NFS share in OS X into /Volumes

I have spent quite a bit of time figuring out automounts of NFS shares in OS X...

Somewhere along the line, Apple decided allowing mounts directly into /Volumes should not be possible:

/etc/auto_master (see last line):

#
# Automounter master map
#

+auto_master # Use directory service

@wsargent
wsargent / docker_cheat.md
Last active August 31, 2023 12:10
Docker cheat sheet
@marcusphi
marcusphi / ansible_conditionals_examples.yaml
Created October 2, 2013 09:48
Ansible 1.3 Conditional Execution -- Very complete example with comments -- I find the conditional expressions to be ridiculously hard to get right in Ansible. I don't have a good model of what's going on under the surface so I often get it wrong. What makes it even harder is that there has been at least three different variants over the course …
---
# This has been tested with ansible 1.3 with these commands:
# ansible-playbook -i hosts ansible_conditionals_examples.yaml --extra-vars="hosts=myhosts isFirstRun=false"
# ansible-playbook -i hosts ansible_conditionals_examples.yaml --extra-vars="hosts=myhosts isFirstRun=true"
# ansible-playbook -i hosts ansible_conditionals_examples.yaml --extra-vars="hosts=myhosts"
# NB: The type of the variable is crucial!
- name: Ansible Conditionals Examples
  hosts: $hosts
  vars_files: