InfraSec

GitOops

This is the official walkthrough for the vmGoat Scenario GitOops.

Automate the building and deployment of static frontend applications using an Argo Workflows pipeline and AWS CloudFront.

Don’t run your frontend applications on servers or containers. Move your project to a content distribution network (CDN) and gain the following benefits:

1. Increase application responsiveness
2. Reduced operational overhead
3. Improved Security

Annual Northeast CCDC black team competition notes and infrastructure details.

This covers how we set up the environment, qualifier and regional competitions (services and injects) and then some fun stats we collected along the way.

Using Argo Workflows to build container images with Kaniko and push them to different registries. This post goes over sending the image to multiple ECR repositories in different AWS partitions but it could easily be switched out with another registry (Docker, GitHub, etc.).

Using AWS EKS with IAM OIDC providers set up in two accounts, allows different pods/service accounts to assume permissions in each account.

When searching for Kubernetes and Cloud Native Security Associate (KCSA) study materials, I couldn’t find any that were both free and high-quality. So, I’ve created this resource to guide you through the curriculum and provide free resources for your studies.

Warning Spoilers Ahead!

This is a write up the CloudGoat scenario sns_secrets and was created by the one and only Tyler Ramsbey.

Another walkthrough of the scenario can be found on TryHackMe which uses the Pacu SNS modules, mines uses the AWS CLI.

At time of writing this the scenario is still a GitHub Pull Request but its ready!