Skip to content

Instantly share code, notes, and snippets.

Stenio Ferreira stenio123

Block or report user

Report or block stenio123

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@stenio123
stenio123 / VaultK8s.md
Created Aug 19, 2019
Vault K8s MutableWebhook
View VaultK8s.md
# Checkout the bank-vaults project
 2
 3git clone git@github.com:banzaicloud/bank-vaults.git
 4
 5cd bank-vaults
 6
 7# Install the vault-operator and create a Vault instance
 8# with it, which has the Kubernetes auth method configured
 9
@stenio123
stenio123 / README.md
Created Aug 14, 2019
Vault Kubernetes Webhook Instructions
View README.md

Vault Kubernetes Mutating Hook

This is an example showing how to use mutating admission hooks in kubernetes to automate the addition of init and sidecar containers to pods. This will allow using only one annotation in the deployment to automate retrieval of secrets from Vault.

Environment

Vault

  1. Download Vault
  2. Execute
vault server -dev -dev-root-token-id=root
@stenio123
stenio123 / Number of requests Vault
Created May 20, 2019
Script to list number of requests in a log file from Vault
View Number of requests Vault
# Number of requests on Vault
## Author: Ranjit
```
cat ~/vault.log | tr '\n' ',' | sed 's/^/[/' | sed 's/,$/]/' | jq '. | map(select(.type == "request")) | length'
```
## Author: Ancil
```
awk '/"type":"request"/{++cnt} END {print "Count = ", cnt}' vaultaudit.log
```
@stenio123
stenio123 / get_credentials.py
Created Jan 18, 2019 — forked from ricardosasilva/get_credentials.py
Download Vault credentials recursively as JSON
View get_credentials.py
"""
Get Vault credentials recursively as json.
Requirements: requests lib. Run pip to install it:
$ pip install requests
To run this command:
$ python get_credentials.py <initial url> <token>
@stenio123
stenio123 / TFE_API.md
Last active Jan 18, 2019
Example API calls interacting with Terraform Enterprise
View TFE_API.md

Example API calls interacting with Terraform Enterprise

Get list of workspaces

curl   --header "Authorization: Bearer ${TFE_TOKEN}"   --header "Content-Type: application/vnd.api+json"   $TFE_ADDR/api/v2/organizations/$TFE_ORG/workspaces | jq .

You can have the above in a loop, or to get a specific workspace:

# id of the first workspace returned
@stenio123
stenio123 / README.md
Last active Jan 11, 2019
Example AWS Terraform Enterprise Workflow
View README.md

Example AWS Terraform Enterprise Workflow

This document describes the steps required to demo an opinionated workflow deploying and managing AWS resources using Terraform Enterprise.

Requirements

In order to complete this demo, you need to have:

  • a Terraform Enterprise account
  • a git account

Workflow Type

@stenio123
stenio123 / README.md
Created Jan 11, 2019
Example Azure Terraform Enterprise Workflow
View README.md

Example Azure Terraform Enterprise Workflow

This document describes the steps required to demo an opinionated workflow deploying and managing Azure resources using Terraform Enterprise.

Requirements

In order to complete this demo, you need to have:

  • a Terraform Enterprise account
  • a git account

Steps

@stenio123
stenio123 / README.md
Created Jan 3, 2019
Terraform Enterprise as alternative to AWS Service Catalog
View README.md

Whiteboard

@stenio123
stenio123 / Sign.MD
Last active Apr 25, 2019
Signing a base64 string with Vault Transit Secret Engine
View Sign.MD

This code shows the steps to enable the transit secret engine, configure a key, and use the sign leveraging Vault.

vault secrets enable transit

# Default key type doesn't support signing
vault write -f transit/keys/my-key type=rsa-4096

# Encode a string as base64
echo -n 'This was created by Stenio, you can trust me!' | openssl base64
You can’t perform that action at this time.