Skip to content

Instantly share code, notes, and snippets.

🔒
SECURE ALL THE MACHINES!!

Joe Garcia, CISSP infamousjoeg

🔒
SECURE ALL THE MACHINES!!
Block or report user

Report or block infamousjoeg

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@infamousjoeg
infamousjoeg / CYBRAutomation.md
Last active Jul 12, 2019
CyberArk Automation - Greatest Hits!
View CYBRAutomation.md
@infamousjoeg
infamousjoeg / Jenkinsfile
Last active Jun 26, 2019
Example of using cURL to list Conjur resources in a Groovy DSL Jenkinsfile
View Jenkinsfile
pipeline {
agent { label 'master' }
environment {
def loginToken = '3m184cf1ygzfcd24ct5a93wwjzfwm4r2gx36vykyc2er5qz01se0th3'
def username = 'dba01'
def auth_token = sh (script: "curl -k --data ${env.loginToken} https://master1.yoba.net/authn/Kramerica/dba01/authenticate | base64 | tr -d '\\r\\n'", returnStdout: true).trim()
//println("curl returned: ${auth_token}")
}
View MySql-5.5-installation guide.md

MySQL Download URL

https://dev.mysql.com/get/Downloads/MySQL-5.5/mysql-5.5.56-linux-glibc2.5-x86_64.tar.gz

Open the terminal and follow along:

  • Uninstall any existing version of MySQL
sudo rm /var/lib/mysql/ -R
@infamousjoeg
infamousjoeg / cidr-restricted-user-policy.yml
Created Jun 17, 2019
CyberArk Conjur User & Host Identities with CIDR-restriction
View cidr-restricted-user-policy.yml
#Single IP
- !user
id: bob
restricted_to: 172.17.0.3
#Multiple IPs
- !user
id: joe
restricted_to: [172.17.0.3, 192.168.79.5]
@infamousjoeg
infamousjoeg / authn-k8s-policy.yml
Last active May 9, 2019
Clean Example of Authn-K8s Policy for CyberArk DAP & Conjur Open Source
View authn-k8s-policy.yml
- !policy
id: conjur/authn-k8s/conjur-follower
#Subpolicy to define all things required for OpenShift Authentication
body:
- !webservice
annotations:
description: Authentication service definition for follower namespace
- !policy #policy definition for CA - used as part of authenticator
@infamousjoeg
infamousjoeg / ProvisioningExample.yml
Last active May 8, 2019
Example deploying a LAMP Stack and provisioning with Ansible Role infamousjoeg.provisioning
View ProvisioningExample.yml
---
- hosts: localhost
pre_tasks:
- name: Install Apache & PHP
yum:
name: ['httpd', 'php', 'php-mysql']
state: present
- name: Install Web Role Specific Dependencies
@infamousjoeg
infamousjoeg / conjur-demo-app.go
Created May 3, 2019
Example Go App for Conjur Demos of authn-k8s
View conjur-demo-app.go
package main
import (
"database/sql"
"fmt"
"log"
"os"
"github.com/cyberark/conjur-api-go/conjurapi"
_ "github.com/go-sql-driver/mysql"
@infamousjoeg
infamousjoeg / cloudbeesdays-pipeline.groovy
Created Apr 8, 2019
CloudBees Days Conjur Workshop 2019 - Pipeline Script for Simple Token App
View cloudbeesdays-pipeline.groovy
pipeline {
agent any
stages {
stage ('Checkout SCM') {
steps {
checkout(
[
$class: 'GitSCM',
branches: [[name: '*/master']],
@infamousjoeg
infamousjoeg / aimcp-restapi.yml
Last active Mar 21, 2019
Example of @cyberark AIM Credential Provider + @cyberark REST API + Ansible Community 2.5+
View aimcp-restapi.yml
---
- hosts: localhost
roles:
- role: cyberark.modules
tasks:
- name: Logon to CyberArk Vault using PAS Web Services SDK
cyberark_authentication:
@infamousjoeg
infamousjoeg / RESTAPI_example.ps1
Created Jan 3, 2019
REST API example from git.joeco.de/CyberArk-RESTAPI with writing output of Get Accounts request
View RESTAPI_example.ps1
function PASREST-Logon {
# Declaration
$webServicesLogon = "$PVWA_URL/PasswordVault/WebServices/auth/Cyberark/CyberArkAuthenticationService.svc/Logon"
# Authentication
$bodyParams = @{username = "Svc_CyberArkAPI"; password = "password"} | ConvertTo-JSON
# Execution
try {
You can’t perform that action at this time.