Posts

Showing posts from 2018

List of AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tools

Scout2: Scout2 is an open source tool that helps assess the security posture of AWS environments. Using the AWS API, the Scout2 Python scripts fetch CloudTrail, EC2, IAM, RDS, and S3 configuration data

Prowler, an AWS CIS Benchmark Tool: Prowler is a tool based on AWS-CLI commands for AWS account security assessment and hardening. It follows the guidelines of the CIS Amazon Web Services Foundations Benchmark and adds further checks.

Replace Custom SCOM Monitors with Site24x7 Plugins

To do...

Automated Service Monitoring with F5, Consul and Python F5 SDK

from f5.bigip import ManagementRoot

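# Connect to the BIG-IP. The host and credentials below are placeholders;
# load real values from the environment or a secrets store, not from source.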
mgmt = ManagementRoot("test.server.com", "testuser", "testpassword")

# Get a list of all pools on the BigIP and print their names
pools = mgmt.tm.ltm.pools.get_collection()
for pool in pools:
    print("+++ \t", pool.name)
    for member in pool.members_s.get_collection():
        print("\t--- \t",  member.name)

# Create an HTTP monitor for an F5 pool, unless it already exists
if mgmt.tm.ltm.monitor.https.http.exists(partition='Common', name='F5Automation_HTTP_Monitor'):
    print("HTTP Monitor Already Exists...")
else:
    mgmt.tm.ltm.monitor.https.http.create(name="F5Automation_HTTP_Monitor", partition="Common")

# Load an existing pool and update its description
pool_a = mgmt.tm.ltm.pools.pool.load(name='F5Automation', partition='Common')
pool_a.description = "F5Automation"
pool_a.monitor = "F5Automation_HTTP_Monitor"
pool_…

Synchronize tag values between EC2 instances and EBS volumes

Synchronize tag values between EC2 instances and EBS volumes for the following tags:

Name
Owner
Environment
CostCentre

The code also makes use of existing IAM roles, using assume role with MFA tokens.

# ------------------------------------------
# synchtags.py
# synchronize tag values between EC2 instances
# and EBS volumes for the following tags
#
# Name
# Owner
# Environment
# CostCentre
#
# ------------------------------------------
import boto3
import sys
from datetime import datetime, timedelta

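# Account switch: pick the role to assume and the MFA device for the
# account named on the command line.
# Note: syncing tags only needs ec2:DescribeInstances, ec2:DescribeVolumes
# and ec2:CreateTags; the full-admin roles below are broader than required.
print(sys.argv[1])
if sys.argv[1] == "Production":
    sRoleSessionName = "Production"
    sRoleArn = "arn:aws:iam::xxxxxxxxxxxx:role/production-fulladmin"
    sSerialNumber = "arn:aws:iam::xxxxxxxxxxxx:mfa/username"

if sys.argv[1] == "Development":
    sRoleSessionName = "Development"
    sRoleArn = "arn:aws:iam::xxxxxxxxxxxx:role/development-fulladmin"
    sSerialNumber = "arn:aws:iam::xxxxxxxxxxxx:mfa/username"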

mfa_token = input("Enter the …

Build and Test Serverless Applications Locally

AWS SAM Local is a CLI tool for local development and testing of Serverless applications.