@nitrocode
nitrocode / README.md
Last active December 30, 2022 23:43
Cloud custodian iam policy and role generated from code and outputted to terraform

CloudCustodian IAM Policy

Extracts perms from cloud-custodian repo, sanitizes extracted data, and transforms into terraform.

How it works

The code will

  1. search for permissions = (get this data) over multiline
  2. print only the captured group
@apolloclark
apolloclark / devsecops_maturity_model.md
Last active May 23, 2024 04:49
DevSecOps Maturity Model

DevSecOps Maturity Model

DevSecOps has finally become popular within the wider IT industry in 2019. I started as a web developer in 2001, learned about testing automation, system deployment automation, and "infrastructure as code" in 2012, when DevOps was becoming a popular term. DevOps became common after the release of The Phoenix Project in Jan 2013. It has taken 7+ years for security to become integrated within the DevOps methodology. The following is a list of concepts I go through with project owners, project managers, operations, developers, and security teams, to help establish how mature their DevOps and security automation is, and to help them increase that maturity over time. This model is based on experience consulting with a variety of US Financial, Healthcare, and Department of Defense organizations, and combines:

import boto3
from sys import argv
def get_name(aws_obj):
    names = list(tag['Value'] for tag in aws_obj['Tags'] if tag['Key'] == 'Name')
    if len(names) != 1:
        # print('No name for object: {}'.format(aws_obj))
        return '--unknown--'

Information for macOS Setup and Developer Experience

Last updated, 2024-05-16, applies to macOS 14.x.x (Sonoma) on Intel silicon hardware.

The default Terminal and Shell (zsh) is replaced with iTerm2 and Bash v5.

This document is meant to serve as an aid and reference in preparing a macOS system on Intel silicon hardware; the process is reviewed and completed manually. Apple M silicon hardware has not been tested.

Note: Review associated documentation at each software and service site prior to implementation to avoid unintended side effects. Prior to running brew install commands, run brew info to confirm what and how Homebrew will manage an installation. Some of the information may also apply to Apple silicon hardware but has not yet been verified.

@clemenspeters
clemenspeters / __Real-time Anomaly Detection in VPC Flow Logs.markdown
Last active May 27, 2022 10:09
Real-time Anomaly Detection in VPC Flow Logs

Real-time Anomaly Detection in VPC Flow Logs (in AWS)

Introduction

Credit goes to Igor Kantor (https://medium.com/@devfire) who wrote the original post (5 parts) on Medium:

The goal of this GitHubGist is to support anyone who wants to implement the described architecture and get it running on AWS. This means you should use both the Medium Post and this GitHubGist for the implementation (since I will not repeat all the text here).

On my AWS account I used a prefix (medium_) for all services, to easily find them amongst all the other running services/instance/functions/roles etc. (just as a suggestion). It will make cleaning up your AWS account easier later on.

@mvanholsteijn
mvanholsteijn / copy route53 hosted zone
Last active March 29, 2021 12:08
a short shell script to copy the contents from one Route53 hosted zone to the other
#!/bin/bash
# Export every record except the zone's own NS and SOA records as an UPSERT change batch.
aws route53 list-resource-record-sets \
  --hosted-zone-id "${SOURCE_HOSTED_ZONE_ID}" \
  --query '{Changes: ResourceRecordSets[?Type != `NS` && Type != `SOA`].{"Action": `UPSERT`, "ResourceRecordSet": @ }}' > changeset.json
# Apply the change batch to the target zone.
aws route53 change-resource-record-sets \
  --hosted-zone-id "${TARGET_HOSTED_ZONE_ID}" \
  --change-batch "$(<changeset.json)"
@rjorgenson
rjorgenson / README.md
Last active June 2, 2020 14:42
Bear Journal

I created these scripts to generate some daily and monthly notes in Bear.

The launchd scripts will run the daily script every day at 3am and the monthly script on the first of every month at 2am. Make sure to update the path to the actual scripts in the launchd scripts before loading them.

mv com.bearjournal.daily.plist ~/Library/LaunchAgents/
launchctl load ~/Library/LaunchAgents/com.bearjournal.daily.plist

mv com.bearjournal.monthly.plist ~/Library/LaunchAgents/
launchctl load ~/Library/LaunchAgents/com.bearjournal.monthly.plist
@pkazi
pkazi / cloudTrailEventNames.list
Last active March 23, 2024 09:37
List of values for parameter EventName in AWS Cloudtrail events
AbortDocumentVersionUpload
AbortEnvironmentUpdate
AbortMultipartUpload
AbortVaultLock
AcceptAccountMapping
AcceptCertificateTransfer
AcceptDelegate
AcceptDirectConnectGatewayAssociationProposal
AcceptFxPaymentCurrencyTermsAndConditions
AcceptHandshake
@zikes
zikes / .zshrc
Last active November 14, 2022 03:45
Using kube-ps1 with P9K
# Enable the kube-ps1 oh-my-zsh plugin
plugins=(
  git
  kube-ps1
)
# The output of the kube_ps1 function is text, so it can be used
# directly as a custom p9k segment
POWERLEVEL9K_CUSTOM_KUBE_PS1='kube_ps1'
@memiah-steve
memiah-steve / aws-route53-delete-hosted-zones.sh
Created April 18, 2018 13:19
AWS route53 Delete all hosted zones (bash, aws cli, jq)
#!/bin/bash
# AWS route53 Delete all hosted zones.
# Requires aws cli, jq
# chmod u+x ~/aws-route53-delete-hosted-zones.sh
# AWS profile to use.
PROFILE="default"
# Loop through each Hosted Zone.
while read id