Will the System be deployed on Software as a Service (SaaS), Infrastructure as a Service (IaaS) or Platform as a Service (PaaS)?
Will the Cloud Deployment Model be Private Cloud, Public Cloud, Community Cloud, or Hybrid Cloud? Please provide a brief description.
What 3rd party Certifications or Accreditations have been acquired by the Cloud provider? (e.g. ISO/PCI/SSAE16/270001/IRAP)
Are all data centres in Australia? If not, can the system be configured to only use Data Centres located in Australia?
Does the vendor have an overarching Information Security Policy/Information Security Framework? Please provide a list of security documents in place currently.

#!/usr/bin/env bash
#
# Description
# Bootstrap SSH Session to an SSM-managed instance
# by temporarily adding a public SSH key available on the local machine (ssh-agent or in ~/.ssh)
#
#
# Installation
#
# First run your eye over this script to check for malicious code

for pod in (kubectl get pods --field-selector=status.phase=Running --no-headers -o custom-columns=":metadata.name")
    echo $pod
    kubectl exec -ti $pod -- ping 1.1.1.1 -W1 -c1 -q >/dev/null
end

#!/usr/bin/env python3
# Stand up a VPN between GCP & AWS
# Assumes you're CLI auth'd to both as default
# Based on https://cloud.google.com/architecture/build-ha-vpn-connections-google-cloud-aws
# Yes it's ugly AF but basically working!
# Usage: ./setup-vpn.py --shared-secret-0=xxxxxx --shared-secret-1=aaaaa --shared-secret-2=bbbb --shared-secret-3=cccc
# You'll need to pip[env] install beautifulsoup4 click boto3 lxml
import subprocess
import json

repos:
  - repo: https://github.com/bridgecrewio/checkov.git
    rev: 2.0.402
    hooks:
      - id: checkov
        files: .
        args:
          - --quiet

set -x
sudo amazon-linux-extras enable epel
sudo yum install epel-release fuse-sshfs
sudo sed -i s/\#\ user/user/g /etc/fuse.conf
sudo curl -L https://raw.githubusercontent.com/warrensbox/terraform-switcher/release/install.sh | bash
sudo wget https://github.com/gruntwork-io/terragrunt/releases/download/v0.31.1/terragrunt_linux_amd64 -O /usr/bin/terragrunt
sudo chmod +x /usr/bin/terragrunt
sudo wget https://github.com/Versent/saml2aws/releases/download/v2.31.0/saml2aws_2.31.0_linux_amd64.tar.gz -O /usr/bin/saml2aws_2.31.0_linux_amd64.tar.gz
# Extract into /usr/bin so the chmod below finds the binary regardless of the current directory
sudo tar -xzvf /usr/bin/saml2aws_2.31.0_linux_amd64.tar.gz -C /usr/bin
sudo chmod +x /usr/bin/saml2aws

#!/usr/bin/python
import os
import pprint
import subprocess
src_dir = '/Volumes/Untitled CD'
dst_dir = '/tmp/cd'
for root, dirs, files in os.walk(src_dir):
    for f in files:

#!/usr/bin/env python3
from github import Github
from pprint import pprint
import requests
TOKEN = 'PERSONAL_ACCESS_TOKEN'
g = Github(TOKEN)
for repo in g.get_user().get_repos(visibility='public'):

#!/bin/bash
#
# Compiles a Python package into a zip deployable on AWS Lambda
#
# - Builds Python dependencies into the package, using a Docker image to correctly build native extensions
# - Strip shared object files for smaller size ca. 20% reduction
# - Remove .py and use .pyc's = faster lambda and ca. 20% reduction
# - Remove tests, info (minor reduction, but why not)
# - Remove packages that will be available in AWS lambda env anyway (boto et al) ca. 50mb (uncompressed) reduction
# - Able to be used with the terraform-aws-lambda module

sha256 of all running executables
for f in `ps -eo comm` ; do shasum5.28 -a 256 "$f" ; done