Posts

Showing posts from 2018

List of AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tools

Scout2

Scout2 is an open source tool that helps assess the security posture of AWS environments. Using the AWS API, the Scout2 Python scripts fetch CloudTrail, EC2, IAM, RDS, and S3 configuration data.

Prowler, an AWS CIS Benchmark Tool

Prowler is a tool based on AWS-CLI commands for AWS account security assessment and hardening. It follows the guidelines of the CIS Amazon Web Services Foundations Benchmark and includes additional checks.

Replace Custom SCOM Monitors with Site24x7 Plugins

To do...

Automated Service Monitoring with F5, Consul and Python F5 SDK

from f5.bigip import ManagementRoot

# Connect to BIG-F5
mgmt = ManagementRoot("test.server.com", "testuser", "testpassword")

# Get a list of all pools on the BigIP and print their names
pools = mgmt.tm.ltm.pools.get_collection()
for pool in pools:
    print("+++ \t", pool.name)
    for member in pool.members_s.get_collection():
        print("\t--- \t", member.name)

# Create a HTTP Monitor for an F5 Pool
if mgmt.tm.ltm.monitor.https.http.exists(partition='Common', name='F5Automation_HTTP_Monitor'):
    print("HTTP Monitor Already Exists...")
else:
    mgmt.tm.ltm.monitor.https.http.create(name="F5Automation_HTTP_Monitor", partition="Common")

# Load an existing pool and update its description
pool_a = mgmt.tm.ltm.pools.pool.load(name='F5Automation', partition='Common')
pool_a.description = "F5Automation"
pool_a.monitor = "F5Automation_HTTP

Synchronize tag values between EC2 instances and EBS volumes

Synchronize tag values between EC2 instances and EBS volumes for the following tags: Name, Owner, Environment, CostCentre.

The code also makes use of existing IAM roles with assume role and MFA tokens.

# ------------------------------------------
# synchtags.py
# synchronize tag values between EC2 instances
# and EBS volumes for the following tags
#
# Name
# Owner
# Environment
# CostCentre
#
# ------------------------------------------
import boto3
import sys
from datetime import datetime, timedelta

# Account Switch
print(sys.argv[1])
if sys.argv[1] == "Production":
    sRoleSessionName="Production"
    sRoleArn="arn:aws:iam::xxxxxxxxxxxx:role/production-fulladmin"
    sSerialNumber="arn:aws:iam::xxxxxxxxxxxx:mfa/username"
if sys.argv[1] == "Development":
    sRoleSessionName="Development"
    sRoleArn="arn:aws:iam::xxxxxxxxxxxx:role/development-fulladmin"
    sSerialNumber="arn:aws:iam::xxxx

Build and Test Serverless Applications Locally

AWS SAM Local is a CLI tool for local development and testing of Serverless applications.