Skip to content

Instantly share code, notes, and snippets.

Avatar
🙊
I'm really good at keeping secrets.

Joe Garcia infamousjoeg

🙊
I'm really good at keeping secrets.
View GitHub Profile
@infamousjoeg
infamousjoeg / BradleyMastersCallOfDuty.md
Created March 18, 2023 03:04
"Bradley masters Call of Duty" by ChatGPT (GPT-4 Model)
View BradleyMastersCallOfDuty.md

Bradley Masters Call of Duty

By: ChatGPT
Using the GPT-4 Model
2023-03-17

In the land of Gamerton, where controllers do play, Lived a young lad named Bradley, who practiced all day. He wanted to be the best at the game, The kind of player who'd rise up in fame.

@infamousjoeg
infamousjoeg / exportSafeMembers.ps1
Created February 28, 2023 15:57
Export Safe Members for all Safes in CyberArk PAM using psPAS PowerShell Module
View exportSafeMembers.ps1
# Before running this script, make sure psPAS is installed by running:
# Install-Module psPAS
Import-Module psPAS
$BaseURI = Read-Host "Enter the Base URL (e.g. https://pvwa.example.com)"
$Type = Read-Host "Enter the Authentication Type [cyberark], ldap, radius"
if (!$Type) {
$Type = "cyberark"
}
@infamousjoeg
infamousjoeg / create_testusers.ps1
Last active January 31, 2023 19:21
Create & Delete 100 Test User Accounts in a Test Safe for CyberArk PAM
View create_testusers.ps1
# Import PowerShell module psPAS, if it doesn't exist, install it
Import-Module psPAS -ErrorAction SilentlyContinue
if ($LASTEXITCODE -ne 0) {
Install-Module psPAS -Force
Import-Module psPAS
}
$baseURL = Read-Host "Enter the base URL of your CyberArk instance"
$authType = Read-Host "Enter the authentication type (CyberArk, LDAP)"
$credential = Get-Credential
@infamousjoeg
infamousjoeg / CacheMFAforSSHviaPSMP.ps1
Created January 24, 2023 16:34
Cache MFA for SSH Connections via PSM for SSH Proxy
View CacheMFAforSSHviaPSMP.ps1
############
# This PowerShell script was translated using OpenAI's code-davinci-002 model
# against the original Python source code. https://beta.openai.com/playground?model=code-davinci-002
#
# https://github.com/vinceblake/cyberark-mfa-no-gui-example/blob/master/SAML-Get-MFA-Caching-Key.py
############
# SET THESE VARIABLES
$ispss_subdomain = "example"
$username = "user@example.com"
@infamousjoeg
infamousjoeg / jenkins-freestyle.sh
Created November 9, 2022 20:10
How to use Conjur Secrets provided SSH Private Key to clone Git repository in Jenkins
View jenkins-freestyle.sh
set +x
echo "$CONJUR_SECRET" > "$WORKSPACE"/private.key
set -x
chmod 0600 "$WORKSPACE"/private.key
sed -i 's/\r$//g' "$WORKSPACE"/private.key
export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i $WORKSPACE/private.key -F /dev/null"
git clone git@github.com:infamousjoeg/epa-poc.git
@infamousjoeg
infamousjoeg / DeployRDSSecret.yml
Created October 12, 2022 00:15
An AWS CloudFormation template that uses AWS Secrets Manager to provide the admin password for a provisioned RDS database
View DeployRDSSecret.yml
AWSTemplateFormatVersion: '2010-09-09'
Description: Creates an empty SQL Server RDS database as an example for automated deployments.
Parameters:
SqlServerInstanceName:
NoEcho: 'false'
Description: RDS SQL Server Instance Name
Type: String
Default: SqlRdsDB
MinLength: '1'
MaxLength: '63'
@infamousjoeg
infamousjoeg / Jenkinsfile
Created July 28, 2022 15:59
Example of using Conjur Secrets Plugin for Jenkins to checkout BitBucket repository
View Jenkinsfile
node {
stages {
stage('Checkout SCM') {
steps {
withCredentials([
conjurSecretCredential(credentialsId: 'scm/bitbucket/jenkins/username', variable: 'BITBUCKET_USER'),
conjurSecretCredential(credentialsId: 'scm/bitbucket/jenkins/password', variable: 'BITBUCKET_PASS')
]) {
git url: 'https://${BITBUCKET_USER}:${BITBUCKET_PASS}@bitbuckethost.com/scm/my-repo.git'
}
@infamousjoeg
infamousjoeg / runbook.md
Last active July 22, 2022 19:05
Runbook for Jenkins Integration with Conjur POC - Conjur Configurator
View runbook.md

Conjur POC

Jenkins Integration Runbook

Conjur Configurator

Enable JWT Authenticator for Jenkins

  1. Run ./setup.sh.
  2. Select 1 to Import Previous Configuration.
@infamousjoeg
infamousjoeg / .env
Last active May 23, 2022 11:54
Ansible Multiple Secret Playbook
View .env
export CONJUR_ACCOUNT=poc
export CONJUR_APPLIANCE_URL=https://ec2-00-00-00-00.compute-1.amazonaws.com
export CONJUR_CERT_FILE=conjur-poc.pem
export CONJUR_AUTHN_LOGIN=admin
export CONJUR_AUTHN_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
@infamousjoeg
infamousjoeg / k8s-secrets-crontjob.yaml
Last active March 7, 2022 22:13
CyberArk Conjur Kubernetes Secrets Provider as a CronJob
View k8s-secrets-crontjob.yaml
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: k8s-secrets-provider-account
namespace: conjur
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata: