rdkls

Will the System be deployed on Software as a Service (SaaS), Infrastructure as a Service (IaaS) or Platform as a Service (PaaS)? 

Will the Cloud Deployment Model be Private Cloud, Public Cloud, Community Cloud, or Hybrid Cloud? Please provide a brief description. 

What 3rd party Certifications or Accreditations have been acquired by the Cloud provider?  (e.g. ISO/PCI/SSAE16/270001/IRAP)  

Are all data centres in Australia? If not, can the system be configured to only use Data Centres located in Australia? 

Does the vendor have an overarching Information Security Policy/Information Security Framework? Please provide a list of security documents in place currently. 

rdkls

Note the projection for api/alb name is an enum not 'injected' to enable querying on it

CREATE EXTERNAL TABLE IF NOT EXISTS alb_logs (
            type string,
            time string,
            elb string,
            client_ip string,
            client_port int,
            target_ip string,
            target_port int,

rdkls

for pod in (kubectl get pods --field-selector=status.phase=Running --no-headers -o custom-columns=":metadata.name")
      echo $pod
      kubectl exec -ti $pod -- ping 1.1.1.1 -W1 -c1 -q >/dev/null
end

rdkls

#!/usr/bin/env python3
# Stand up a VPN between GCP & AWS
# Assumes you're CLI auth'd to both as default
# Based on https://cloud.google.com/architecture/build-ha-vpn-connections-google-cloud-aws
# Yes it's ugly AF but basically working!
# Usage: ./setup-vpn.py --shared-secret-0=xxxxxx --shared-secret-1=aaaaa --shared-secret-2=bbbb --shared-secret-3=cccc
# You'll need to to pip[env] install beautifulsoup4 click boto3 lxml

import subprocess
import json

rdkls

repos:
  - repo: https://github.com/bridgecrewio/checkov.git
    rev: 2.0.402
    hooks:
      - id: checkov
        files: .
        args:
          - --quiet

rdkls

set -x
sudo amazon-linux-extras enable epel
sudo yum install epel-release fuse-sshfs
sudo sed -i s/\#\ user/user/g /etc/fuse.conf
sudo curl -L https://raw.githubusercontent.com/warrensbox/terraform-switcher/release/install.sh | bash
sudo wget https://github.com/gruntwork-io/terragrunt/releases/download/v0.31.1/terragrunt_linux_amd64 -O /usr/bin/terragrunt
sudo chmod +x /usr/bin/terragrunt
sudo wget https://github.com/Versent/saml2aws/releases/download/v2.31.0/saml2aws_2.31.0_linux_amd64.tar.gz -O /usr/bin/saml2aws_2.31.0_linux_amd64.tar.gz
sudo tar -xzvf /usr/bin/saml2aws_2.31.0_linux_amd64.tar.gz
sudo chmod +x /usr/bin/saml2aws

rdkls

#!/usr/bin/env python3
from github import Github
from pprint import pprint
import requests

TOKEN = 'PERSONAL_ACCESS_TOKEN'

g = Github(TOKEN)

for repo in g.get_user().get_repos(visibility='public'):

rdkls

sha256 of all running executables

for f in `ps -eo comm` ; do shasum5.28 -a 256 "$f" ; done

rdkls

openssl genrsa -out key.pem
openssl rsa -in key.pem -pubout -out key.pub

Now you'll have pub + private keys
You can send the pub key to supplying user, who can then encrypt with it, and you can decrypt

To encrypt:

echo "xxxxxxxx" | openssl rsautl -encrypt -inkey ./key.pub -pubin | base64

rdkls

// ==UserScript==
// @name         Whitelist AWS Console Service list
// @namespace    http://tampermonkey.net/
// @version      0.1
// @description  Show only selected services in the AWS Web Console Services menu
// @author       rdkls
// @match        https://*console.aws.amazon.com/*
// @match        https://*.console.aws.amazon.com/*
// @grant        none
// ==/UserScript==