Daniel Fitzgerald danifitz

@danifitz
danifitz / wutrum.js
Last active February 25, 2025 13:33
rum-detector.js
(function () {
  const RUM_DETECTORS = [
    {
      name: "Grafana Faro",
      check: () => !!window.Faro || !!window.faro,
      urls: ["faro.grafana.net"]
    },
    {
      name: "Datadog RUM",
      check: () => !!window.DD_RUM || !!window.DD_LOGS,
@danifitz
danifitz / alert.json
Created January 8, 2025 08:33
grafana-alert-payload
{
  "alerts": [
    {
      "endsAt": "0001-01-01T00:00:00Z",
      "labels": {
        "team": "appenv",
        "alertname": "Frontend Success Rate > 99.5% - SLO Burn Rate Very High",
        "grafana_slo_uuid": "acyd5e09cipr8gtuqr0gl",
        "grafana_slo_severity": "critical"
      },
#!/bin/bash
IMAGE_NAME="postgres"
IMAGE_TAG="15"
# Run the scanner and capture its JSON report (BUILD_ID must already be set in the environment)
input_json=$(lw-scanner evaluate "$IMAGE_NAME" "$IMAGE_TAG" --save --build-id "${BUILD_ID}" --fixable --json)
# Timestamped name for the CSV vulnerability report
filename="${IMAGE_NAME}:${IMAGE_TAG}_vuln_report_$(date +"%Y%m%d_%H%M%S").csv"
@danifitz
danifitz / iamlive-policy.md
Created February 21, 2023 16:18
iamlive-to-iam-policy.md

Using iamlive to proxy AWS CLI commands to get a least-privilege IAM policy for remediation templates

1. Install: `brew install iann0036/iamlive/iamlive`
2. Open a terminal window and start the proxy: `iamlive --set-ini --profile NAME_OF_AN_AWS_PROFILE --mode proxy`
3. Open a new terminal window where you will run AWS CLI commands
4. Tell the AWS CLI which CA Bundle to use: `export AWS_CA_BUNDLE=~/.iamlive/ca.pem`
5. Set proxy settings:

export HTTP_PROXY=http://127.0.0.1:10080
export HTTPS_PROXY=http://127.0.0.1:10080

@danifitz
danifitz / lw-gcp-cloudrun-inventory.sh
Last active January 19, 2023 13:11
an inventory script to measure vcpu consumption by gcp cloudrun
# A sample Bash script to count the number of vCPUs consumed by GCP CloudRun. @author [email protected]
REGIONS=(europe-north1 us-central1)
for region in "${REGIONS[@]}"; do
  # Names of all CloudRun services in this region
  SERVICES=$(gcloud run services list --region "$region" --format="json" | jq -r '.[] | .metadata.name')
  # printf is used because plain echo in bash prints "\n" literally
  printf '##############################\n GCP Region: %s\n' "$region"
  for service in $SERVICES; do
    printf '##############################\n CloudRun service: %s \n##############################\n\n' "$service"
    # CPU limit of each container in the service
    vcpu=$(gcloud run services describe "$service" --region "$region" --format="json" | jq -r '.spec.template.spec.containers | .[].resources.limits.cpu')
    printf '%s\n\n' "$vcpu"
  done
done
---
policyId: custom-global-1
title: Certificate due to expire in 20 days or less
enabled: true
policyType: Compliance
alertEnabled: true
alertProfile: LW_CFG_AWS_DEFAULT_PROFILE.CFG_AWS_Violation
evalFrequency: Daily
queryId: Verifone_AWS_Config_ACM_ExpiringCertificate
severity: high
---
queryId: Custom_AWS_Config_ACM_ExpiringCertificate
queryText: |-
  {
    source {
      LW_CFG_AWS_ACM_DESCRIBE_CERTIFICATE
    }
    filter {
      RESOURCE_CONFIG:Certificate.Status NOT IN ('EXPIRED') and
      DIFF_DAYS(current_timestamp_sec()::timestamp, RESOURCE_CONFIG:Certificate.NotAfter::timestamp) <= 20
@danifitz
danifitz / lacework-azure-devops.yml
Created April 25, 2022 15:46
lacework-container-scan-azure-devops-with-dockerized-scanner
trigger:
- main
pool:
  vmImage: ubuntu-latest
steps:
- script: |
    docker pull ubuntu:latest
    docker run \
@danifitz
danifitz / lacework-tf-scan-azure-devops.yml
Created April 22, 2022 13:41
lacework-tf-scan-azure-devops.yml
# This pipeline has a single step which installs the LW IAC CLI, sets up an auth token
# stored as a pipeline variable and then scans TF code within a directory.
trigger:
- main
pool:
  vmImage: ubuntu-latest
steps:
stages: # List of stages for jobs, and their order of execution
  - iac-scan
docker:image:
  stage: iac-scan
  image: docker:1.11
  services:
    - docker:dind
  script: