Vault assistant is a quick and easy way to install, configure and run Hashicorp Vault. It provides a dock application to start; stop; seal; unseal and other support functions.
Vault Custom Plugin example showing how to create a custom secret store backend. Can be used a framework or starting point to help jumpstart a development effort.
This repository contains a python module that allows users to access GCP from AWS without the use of static credentials (aka GCP service account keys). This module can be imported into any python script and leveraged to generate an ephemeral GCP service account access token.
Project Lockdown is a collection of serverless event-driven auto remediation Cloud Functions designed to react to unsecure resource creations or configurations. Project Lockdown is meant to be deployed in a GCP environment and has the capabilities to monitor and remediate across your entire Organization hierarchy in a matter of seconds.
This is a 100% serverless tool that analyzes GCP Organization Policies for updates and then posts to a Slack channel as well as Twitter via our Twitter bot.
This repo is a collection of AWS Service Control Policies (SCPs) written in Hashicorp Terraform to be used in AWS Organizations.
- GitHub: jdyke - ScaleSec: Jason Dyke
- GitHub: cleibl - ScaleSec: Chris Leibl
- GitHub: eric-gonzales - ScaleSec: Eric Evans
- Hashicorp Configuration Language (HCL)
Crawls your GCP Organization and returns service accounts that have not been used in the past 90 days based on GCP Recommender Service Account Insight findings.
This script will inventory your entire GCP Organization’s API keys and create two files:
keys.csv. You can read the blog related to this repository here.
The Terraform module and Cloud Function is used to demonstrate the concepts discussed in this Article. This repo contains all you need to begin automating remediations for Event Threat Detection findings.