@rdkls
rdkls / gist:f06a51bf018e617fce25e32706b6af09
Created March 29, 2023 04:56
security assessment initial questions
Will the System be deployed on Software as a Service (SaaS), Infrastructure as a Service (IaaS) or Platform as a Service (PaaS)?
Will the Cloud Deployment Model be Private Cloud, Public Cloud, Community Cloud, or Hybrid Cloud? Please provide a brief description.
What 3rd party Certifications or Accreditations have been acquired by the Cloud provider? (e.g. ISO/PCI/SSAE16/27001/IRAP)
Are all data centres in Australia? If not, can the system be configured to only use Data Centres located in Australia?
Does the vendor have an overarching Information Security Policy/Information Security Framework? Please provide a list of security documents in place currently.
@rdkls
rdkls / aws-ssm-ec2-proxy-command.sh
Last active October 20, 2022 01:07
AWS SSM SSH ProxyCommand
#!/usr/bin/env bash
#
# Description
# Bootstrap SSH Session to an SSM-managed instance
# by temporarily adding a public SSH key available on the local machine (ssh-agent or in ~/.ssh)
#
#
# Installation
#
# First run your eye over this script to check for malicious code
@rdkls
rdkls / gist:346f681fed749c7f6ba832447ccdb3d7
Last active September 27, 2022 07:11
fish script to run a command on all pods
for pod in (kubectl get pods --field-selector=status.phase=Running --no-headers -o custom-columns=":metadata.name")
    echo $pod
    kubectl exec -ti $pod -- ping 1.1.1.1 -W1 -c1 -q >/dev/null
end
@rdkls
rdkls / gcp-aws-vpn.create.py
Created August 9, 2022 23:56
gcp-aws-vpn.create.py
#!/usr/bin/env python3
# Stand up a VPN between GCP & AWS
# Assumes you're CLI auth'd to both as default
# Based on https://cloud.google.com/architecture/build-ha-vpn-connections-google-cloud-aws
# Yes it's ugly AF but basically working!
# Usage: ./setup-vpn.py --shared-secret-0=xxxxxx --shared-secret-1=aaaaa --shared-secret-2=bbbb --shared-secret-3=cccc
# You'll need to pip[env] install beautifulsoup4 click boto3 lxml
import subprocess
import json
@rdkls
rdkls / .pre-commit-config.yaml
Created September 9, 2021 01:59
pre-commit config to run checkov
repos:
  - repo: https://github.com/bridgecrewio/checkov.git
    rev: 2.0.402
    hooks:
      - id: checkov
        files: .
        args:
          - --quiet
@rdkls
rdkls / ec2-instance-prep-for-tf-dev.sh
Created July 23, 2021 05:03
commands to prep an ec2 instance for terraform dev, by mounting local folder via sshfs
set -x
sudo amazon-linux-extras enable epel
sudo yum install epel-release fuse-sshfs
sudo sed -i s/\#\ user/user/g /etc/fuse.conf
sudo curl -L https://raw.githubusercontent.com/warrensbox/terraform-switcher/release/install.sh | bash
sudo wget https://github.com/gruntwork-io/terragrunt/releases/download/v0.31.1/terragrunt_linux_amd64 -O /usr/bin/terragrunt
sudo chmod +x /usr/bin/terragrunt
sudo wget https://github.com/Versent/saml2aws/releases/download/v2.31.0/saml2aws_2.31.0_linux_amd64.tar.gz -O /usr/bin/saml2aws_2.31.0_linux_amd64.tar.gz
# Extract into /usr/bin so the chmod below finds the binary
sudo tar -xzvf /usr/bin/saml2aws_2.31.0_linux_amd64.tar.gz -C /usr/bin
sudo chmod +x /usr/bin/saml2aws
@rdkls
rdkls / convert_mp3.py
Last active May 3, 2021 13:28
python script to recursively convert all files in a source directory to a target directory using ffmpeg
#!/usr/bin/python
import os
import pprint
import subprocess
src_dir = '/Volumes/Untitled CD'
dst_dir = '/tmp/cd'
for root, dirs, files in os.walk(src_dir):
    for f in files:
#!/usr/bin/env python3
from github import Github
from pprint import pprint
import requests
TOKEN = 'PERSONAL_ACCESS_TOKEN'
g = Github(TOKEN)
for repo in g.get_user().get_repos(visibility='public'):
#!/bin/bash
#
# Compiles a Python package into a zip deployable on AWS Lambda
#
# - Builds Python dependencies into the package, using a Docker image to correctly build native extensions
# - Strip shared object files for smaller size ca. 20% reduction
# - Remove .py and use .pyc's = faster lambda and ca. 20% reduction
# - Remove tests, info (minor reduction, but why not)
# - Remove packages that will be available in AWS lambda env anyway (boto et al) ca. 50mb (uncompressed) reduction
# - Able to be used with the terraform-aws-lambda module
sha256 of all running executables
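# comm= suppresses the header row; reading line by line keeps paths with spaces intact
ps -eo comm= | sort -u | while IFS= read -r f ; do shasum5.28 -a 256 "$f" ; done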