Small language model powered by biriyani

Ritesh Sinha ritesh
@ritesh
ritesh / fake-data-gen.py
Last active January 7, 2021 16:06
requirements.txt
#!/usr/bin/env python3
# Implementing this with dummy data: https://aws.amazon.com/blogs/database/multi-tenant-data-isolation-with-postgresql-row-level-security/
from faker import Faker
from faker.providers import person, company
import random
fake = Faker()
fake.add_provider(person)
fake.add_provider(company)
@ritesh
ritesh / sample_ddb.py
Created October 1, 2020 10:28
DynamoDB Client Side encryption using the DDB Encryption SDK
# Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"). You
# may not use this file except in compliance with the License. A copy of
# the License is located at
#
# http://aws.amazon.com/apache2.0/
#
# or in the "license" file accompanying this file. This file is
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
@ritesh
ritesh / main.rs
Created September 7, 2020 07:20
S3 pagination rust
use futures::{stream, Stream, TryStreamExt};
use rusoto_core::RusotoError;
use rusoto_core::credential::ChainProvider;
use rusoto_core::request::HttpClient;
use rusoto_core::Region;
use rusoto_s3::{ListObjectsV2Error, ListObjectsV2Request, Object, S3, S3Client};
use std::{pin::Pin};
//Lifted from here
//https://github.com/softprops/dynomite/blob/master/dynomite/src/ext.rs
// S3Stream provides streaming APIs for S3 client operations.
@ritesh
ritesh / gddutyregionalmaster.yaml
Last active August 9, 2020 12:32
AddPublishingDestinationGdduty
AWSTemplateFormatVersion: "2010-09-09"
Description: |
  Publishes findings from a detector in one region to an S3 bucket
Parameters:
  DestinationArn:
    Type: String
    Description: ARN of the S3 bucket that you want GuardDuty to push findings to, GuardDuty must have permissions to write to this bucket
  KmsKeyArn:
    Type: String
    Description: The key that GuardDuty should use to encrypt findings
@ritesh
ritesh / params.json
Created July 31, 2020 11:08
VPCFlowlogs
[
  {
    "ParameterKey": "RawDBName",
    "ParameterValue": "raw_db_vpc_flow_logs"
  },
  {
    "ParameterKey": "RawTableName",
    "ParameterValue": "raw_table_vpc_flow_logs"
  },
  {
@ritesh
ritesh / glue_job.yaml
Created July 21, 2020 21:07
A sample glue job
AWSTemplateFormatVersion: "2010-09-09"
Description: "Create a glue job to process S3 Data events"
Parameters:
  LogBucket:
    Type: String
  GlueAssetsBucket:
    Type: String
  RawDBName:
    Type: String
  RawTableName:
@ritesh
ritesh / Makefile
Created July 10, 2020 14:33
Makefile for cfn templates
STACK_NAME=MyStack
TEMPLATE_FILE=template.yaml
CAPABILITIES=CAPABILITY_NAMED_IAM
validate:
	aws cloudformation validate-template --template-body file://$(TEMPLATE_FILE)
create-stack: validate
	aws cloudformation deploy --template-file $(TEMPLATE_FILE) --stack-name $(STACK_NAME) --capabilities $(CAPABILITIES) --parameter-overrides ProjectId=$(STACK_NAME)
@ritesh
ritesh / get_iam_actions.sh
Created June 24, 2020 10:11
List of IAM actions via the policy editor
#!/bin/bash
rm policies.js
rm service_actions.txt
curl -s https://awsiamconsole.s3.amazonaws.com/iam/assets/js/bundles/policies.js -O && node -e "app={}; EnvInfo ={}; _ = {has: function() {return false;}, extend: function(){},};require('./policies.js'); console.log(JSON.stringify(app));" | jq .PolicyEditorConfig.serviceMap > service_actions.txt
python iam_actions.py
name: CI
on:
  push:
    branches:
      - master
    tags:
      - '*'
jobs:
@ritesh
ritesh / update_trusted_ips.py
Created June 12, 2020 13:11
update_trusted_ips.py
import boto3
import logging
import click
from urllib.parse import urlparse
@click.command()
@click.option('--iplist', prompt='Location of the IP list in S3', help='A file with a CIDR per line of trusted IPs (only TXT supported for now)')
@click.option('--name', default='KnownIPs', prompt='Name', help='Name of the threat list')
def update_threat_list(iplist, name):
    if not valid_list(iplist):