Thomas Kishel tkishel

  • Wiz
  • Portland, OR
#!/usr/bin/env ruby
require 'uri'
require 'net/http'
# require 'openssl'
#### METHODS
def get_package(package)
if (matched = package.match(%r{^(?<name>.+)-(?<version>[^-]+)-(?<release>[^-]+)\.(?<architecture>\w+)}))
@tkishel
tkishel / gcp_agentless_hub_model_cwp.md
Last active January 24, 2023 22:29
GCP Agentless (Hub Model, Compute)

Configure Agentless Scanning (GCP, Hub Model, Compute)

This documents the steps to configure Prisma Cloud Agentless Scanning for GCP Projects, using the Hub and Target model, with Prisma Cloud Compute credentials.

In this document, each GCP Project, its Service Account, and its Prisma Cloud Account use the same name. Doing so creates a one-to-one mapping of projects, accounts, resources, and filenames. This mapping is not required, but results in a simple series of steps.

Step 1

Set the following environment variables (locally, or in CloudShell) to define the name of the Hub and Target Projects:

@tkishel
tkishel / gcp_agentless_same_account_cwp.md
Last active January 24, 2023 22:29
GCP Agentless (Same Account Model, Compute)

Configure Agentless Scanning (GCP, Same Account Model, Compute)

This documents the steps to configure Prisma Cloud Agentless Scanning for GCP Projects, using the Same Account model, with Prisma Cloud Compute credentials.

In this document, the GCP Project, its Service Account, and its Prisma Cloud Account use the same name. Doing so creates a one-to-one mapping of projects, accounts, resources, and filenames. This mapping is not required, but results in a simple series of steps.

Step 1

Set the following environment variable (locally, or in CloudShell) to define the name of the Project:

@tkishel
tkishel / gcp_agentless_hub_model_saas.md
Last active August 26, 2024 08:06
GCP Agentless Hub Model SaaS

Configure Agentless Scanning (GCP, Hub Model, SaaS)

This documents the steps to configure Prisma Cloud Agentless Scanning for GCP Projects, using the Hub and Target model with Prisma Cloud SaaS credentials.

Onboarding Projects in Prisma Cloud > Settings > Cloud Accounts provides almost all of the necessary configuration, with only cross-project configuration required to support the Hub and Target model.

In this document, each GCP Project and its Prisma Cloud Account use the same name. Doing so creates a one-to-one mapping of projects, accounts, resources, and filenames. This mapping is not required, but results in a simple series of steps.

Step 1

@tkishel
tkishel / pc_agentless_gcp.md
Last active January 24, 2023 22:26
Prisma Cloud: Agentless Configuration: GCP

Prisma Cloud: Agentless Configuration: GCP

This documents the steps to configure Prisma Cloud Agentless Scanning for GCP Projects.

There are two scanning options (Same Account, Hub and Target) and two credential options (SaaS, Compute).

For Same Account scanning, using SaaS credentials:

  • Onboard the GCP Project in Prisma Cloud > Settings > Cloud Accounts, enabling Agentless Workload Scanning
  • Configure additional settings for Agentless Scanning of the Project in Prisma Cloud > Compute > Cloud Accounts
@tkishel
tkishel / aci-wiz.md
Last active May 4, 2023 18:52
Deploy WizCLI via an Azure Container Instance | TechNote

Deploy WizCLI as an Azure Container Instance | TechNote

Overview

This document outlines deploying the wiz-cli Docker image as an Azure Container Instance.

By reusing the wiz-cli Docker image (and changing its entrypoint) you leverage the supported Docker image.

This TechNote illustrates scanning IaC templates, but can be extended or modified for other use cases.