| Follow @lancinimarco | Subscribe to CloudSecList

Back in April, I saw a post on the Cloudflare tech blog which explained how Auditable Terminal gives you a fully featured SSH client in your browser: you authenticate using Cloudflare Access, and can log into a computer - and get a terminal - just using a browser.

The post made me curious, but at the time I didn’t have capacity to look into it. Until now, when I decided to give it a go for my home lab.

Over the past couple of weeks, I started thinking a bit more about adding resiliency to my personal projects and accounts. You can follow my entire thought process on Twitter (see the embedded Tweet below), but in this blog post I’m going to focus on Github.

Following AWS, the second most critical service for my projects is Github: 90% of my code is stored there (mostly in private projects), and I have to admit I never took a backup of this data.

So I finally decided to set some time aside to set up an automated process to backup my Github account, and I ended up relying on ECS (Fargate) and S3 Glacier. This blog explains the architecture and implications of the final setup I decided to go with.

Previous Articles

On Establishing a Cloud Security Program    MUST READ
Automating Cartography Deployments on Kubernetes
Kubernetes Lab on Baremetal    MUST READ
Security Logging in Cloud Environments - GCP    MUST READ
A Quick Look at GKE Autopilot (in 15 minutes)
Security Logging in Cloud Environments - AWS    MUST READ
Semgrep for Cloud Security
Introducing CloudSecDocs.com
Domain-Wide Delegation of Authority in GSuite
Tracking Moving Clouds: How to continuously track cloud assets with Cartography    MUST READ
So I Heard You Want to Learn Kafka    MUST READ
The Current State of Kubernetes Threat Modelling    MUST READ
Building a Serverless Mailing List in AWS
My Blogging Stack
Remote Development with a Chromebook in 2020
Mapping Moving Clouds: How to stay on top of your ephemeral environments with Cartography    MUST READ
Cross Account Auditing in AWS and GCP
Introducing CloudSecList.com
Deploy Your Own Kubernetes Lab
Offensive Infrastructure: the HashiStack
Critical Vulnerability in Kubernetes API Server (CVE-2018-1002105)
Red Teaming Mind Map from The Hacker Playbook 3
My Arsenal of Cloud Native (Security) Tools
Hunt for and Exploit the libSSH Authentication Bypass (CVE-2018-10933)
So I Heard You Want to Learn Kubernetes    MUST READ
GoScan v2
Offensive Infrastructure: Introduction to Consul
Offensive ELK: Elasticsearch for Offensive Security    MUST READ
Robtex-Go: Go Client for the Robtex API
Introducing GoScan (aka a reason to learn Go)
Burp Pro as a Docker Container
Docker + Consul + Vault: A Practical Guide
Needle meets Jenkins: how to include Needle in your CI pipeline
Needle v1.0.0 released: new native agent and support for iOS 10
Needle V0.1.1 Released
iOS 9: Effective Jailbreak
Needle V0.0.4 Released
Needle Status Update
A quick intro to Needle
Introducing Needle