shokoe
/ aws_inspector_cron.sh
Last active
September 11, 2024 05:54
Executes AWS Inspector run, export full findings csv file from last completed run, compile a concise counters report including severity and package aggregates by hostname. Full and aggregated report are uploaded to S3.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin:/snap/bin | |
| log="/var/log/aws_inspector/aws_inspector_export_rep.log" | |
| template_arn='arn:aws:inspector:us-east-1:XXXXXXXXXXXX:target/xxxxxxxxxx/template/xxxxxxxxxx' | |
| wait_sec='5400' | |
| log_out(){ | |
| (($verifymon)) &&\ | |
| echo -e "`date +'%Y-%m-%d %H:%M:%S'` (pid $$) -- $1" >> $log ||\ | |
| echo -e "`date +'%Y-%m-%d %H:%M:%S'` (pid $$) -- $1" | tee -a $log |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Usage: salt-encrypt {optional -f} <input> <keyid>, or just `salt-encrypt` for interactive mode | |
| # Summary: Encrypt some string / file for Salt | |
| # Help: This command can be used to gpg encrypt some content for use in salt pillars or really anything you want to encrypt with GPG | |
| set -e | |
| #Replace below with the default key you encrypt with | |
| DEFAULT_RECIPIENT="XXXXXX" | |
| multi=0 |