Continuous Visibility into Ephemeral Cloud Environments
A collection of resources and tutorials for providing continuous visibility into ephemeral cloud environments.
This is the high-level outline of the different sections:
What cloud resources are needed, and how to define them in a manner that safely allows a tool to perform a security audit across a fleet of AWS accounts/GCP projects.
- AWS Setup
- Resource Definition
- Setup Role role-security-audit in every account
- Setup Role role-security-assume in Hub account
- Setup User user-security-audit in Hub account
- Setup Tooling for Cross-Account Auditing
- Setup ~/.aws/credentials
- Setup ~/.aws/config
- GCP Setup
- Resource Definition
- Setup Tooling for Cross-Account Auditing
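The AWS layout above is a hub-and-spoke chain: user-security-audit in the hub account assumes role-security-assume in the hub, which in turn assumes role-security-audit in every audited account. The following is an added example, not code from this page or from any of the tools it links to: it generates the three policy documents and the two AWS CLI profile files for that chain, and checks that no trust policy is wider than one named principal. The account IDs are constructed placeholders, and the wording of the policies (including the suggestion to attach the AWS-managed SecurityAudit policy to role-security-audit) is this example's own assumption about how the roles are meant to be used.

```python
"""Policy documents and CLI profiles for the hub-and-spoke audit layout
in the outline above: user-security-audit (hub) assumes role-security-assume
(hub), which in turn assumes role-security-audit in every audited account.

Added example, not code from the page; the account IDs are constructed
placeholders and the policy wording is this example's own."""
import json

HUB_ACCOUNT = "111111111111"                       # constructed placeholder
SPOKE_ACCOUNTS = ["222222222222", "333333333333"]  # constructed placeholders
AUDIT_ROLE = "role-security-audit"
ASSUME_ROLE = "role-security-assume"
AUDIT_USER = "user-security-audit"


def role_arn(account, role):
    return f"arn:aws:iam::{account}:role/{role}"


def assume_role_trust_policy(hub):
    """Trust policy for role-security-assume: only the hub's audit user may assume it."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"AWS": f"arn:aws:iam::{hub}:user/{AUDIT_USER}"},
            "Action": "sts:AssumeRole",
        }],
    }


def assume_role_permission_policy(hub, spokes):
    """Permissions for role-security-assume: assume role-security-audit in each
    account (hub included) and nothing else, so the hub role is a pure hop."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Action": "sts:AssumeRole",
            "Resource": [role_arn(a, AUDIT_ROLE) for a in [hub] + spokes],
        }],
    }


def audit_role_trust_policy(hub):
    """Trust policy for role-security-audit in every account: trust only the
    hub's role-security-assume, never the whole hub account (:root). Its own
    permissions stay read-only, e.g. the AWS-managed SecurityAudit policy
    (assumption about how the page intends the role to be used)."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"AWS": role_arn(hub, ASSUME_ROLE)},
            "Action": "sts:AssumeRole",
        }],
    }


def check_trust_policy(policy):
    """Flag trust statements that are wider than a single named principal."""
    problems = []
    for statement in policy["Statement"]:
        principal = statement.get("Principal")
        if principal == "*":
            problems.append("wildcard principal")
            continue
        aws = principal.get("AWS", []) if isinstance(principal, dict) else []
        for entry in ([aws] if isinstance(aws, str) else aws):
            if entry == "*":
                problems.append("wildcard principal")
            elif entry.endswith(":root"):
                problems.append(f"account-wide principal {entry}")
    return problems


def aws_credentials():
    """~/.aws/credentials: the only long-lived secret is the hub user's key pair."""
    return "\n".join([
        f"[{AUDIT_USER}]",
        "aws_access_key_id = <ACCESS_KEY_ID>",          # placeholder, fill in
        "aws_secret_access_key = <SECRET_ACCESS_KEY>",  # placeholder, fill in
        "",
    ])


def aws_config(hub, spokes):
    """~/.aws/config: one chained profile per account; every hop goes through
    role-security-assume, so a tool only needs a profile name per account."""
    lines = [
        f"[profile {ASSUME_ROLE}]",
        f"role_arn = {role_arn(hub, ASSUME_ROLE)}",
        f"source_profile = {AUDIT_USER}",
        "",
    ]
    for account in [hub] + spokes:
        lines += [
            f"[profile audit-{account}]",
            f"role_arn = {role_arn(account, AUDIT_ROLE)}",
            f"source_profile = {ASSUME_ROLE}",
            "",
        ]
    return "\n".join(lines)


if __name__ == "__main__":
    docs = [("trust:role-security-assume", assume_role_trust_policy(HUB_ACCOUNT)),
            ("perms:role-security-assume", assume_role_permission_policy(HUB_ACCOUNT, SPOKE_ACCOUNTS)),
            ("trust:role-security-audit", audit_role_trust_policy(HUB_ACCOUNT))]
    for name, doc in docs:
        print(name, json.dumps(doc, indent=2))
    print(aws_credentials())
    print(aws_config(HUB_ACCOUNT, SPOKE_ACCOUNTS))
    assert not check_trust_policy(audit_role_trust_policy(HUB_ACCOUNT))
```

The trust policies are what you pass to `aws iam create-role --assume-role-policy-document` in the respective account; the CLI then resolves the `source_profile` chain on its own, so an audit tool iterates over the `audit-<account>` profiles and never handles more than the hub user's key. Two caveats worth knowing before relying on this: AWS caps role-chained sessions at one hour regardless of the role's configured maximum, so long scans have to re-assume; and `check_trust_policy` only catches the two common over-grants (a `*` principal and an account-wide `:root` principal), not a Condition that is missing or too loose.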
How to leverage Cartography to detect, identify, categorize, and visualize all the assets being deployed in your estate.
- The Challenges Posed by Ephemeral Environments
- Enter Cartography
- Cartography's Value Proposition
- Real World Setup
- Multi-Cloud Auditing
- Access Configuration: AWS IAM
- Access Configuration: GCP IAM
- Deployment on Kubernetes
- Neo4j Deployment
- Cartography Deployment
- Data Consumption
- The Basics: Neo4j Browser
- The Automation: Programmatic Analysis
- Custom Query Format
- Creation of New Queries
- Query Manager
- Repeatability: Jupyter Notebooks
- Code Structure
- Run Notebooks
- Upgrade to Dashboards
How to leverage Cartography and Elasticsearch to continuously monitor all cloud assets in your estate and alert on any instance of drift.
- Multi-Cloud Auditing with Cartography
- Elasticsearch Integration
- High Level Setup
- Deployment on Kubernetes
- Ingestor Deployment
- Elasticsearch Deployment
- Data Consumption: Kibana
- Drift Detection
- Drift Detection with Elasticsearch
- Elastalert Alerts (Slack and Jira)
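The drift detection described in this section boils down to comparing the asset inventory of one sync with that of the previous one and alerting on what appeared, disappeared or changed. The following is an added example, not code from this page, from Cartography or from Elastalert: it implements that comparison over two flat asset snapshots keyed by a stable id (the ARN for AWS resources), ignores the bookkeeping fields that change on every sync, ranks the findings and renders them as an alert body. Both snapshots are constructed; the field names `lastupdated`, `firstseen`, `anonymous_access` and `exposed_internet` are the ones Cartography sets on its nodes, but treating them as volatile or security-relevant is this example's assumption.

```python
"""Drift detection over two inventory snapshots of cloud assets.

Added example for the drift-detection section above; it is not the page's,
Cartography's or Elastalert's code. It assumes each asset is a flat document
keyed by a stable id (the ARN for AWS resources), as it would look once a
Cartography sync has been exported into an index. Both snapshots are constructed."""

# Bookkeeping fields Cartography stamps on every node; they change on every
# sync and must not count as drift (assumption about the export).
VOLATILE_FIELDS = {"lastupdated", "firstseen"}
# Fields whose flip to a truthy value is itself a security finding
# (property names as Cartography sets them on S3Bucket / EC2Instance).
SECURITY_FIELDS = {"anonymous_access", "exposed_internet"}

BASELINE = [  # constructed snapshot from the previous sync
    {"id": "arn:aws:s3:::payments-logs", "type": "S3Bucket",
     "account": "222222222222", "anonymous_access": False, "lastupdated": 1000},
    {"id": "arn:aws:ec2:eu-west-1:222222222222:instance/i-0a1b2c3d4e5f6a7b8",
     "type": "EC2Instance", "account": "222222222222",
     "exposed_internet": False, "lastupdated": 1000},
    {"id": "arn:aws:iam::222222222222:user/deploy", "type": "AWSUser",
     "account": "222222222222", "lastupdated": 1000},
]
LATEST = [  # constructed snapshot from the latest sync
    {"id": "arn:aws:s3:::payments-logs", "type": "S3Bucket",
     "account": "222222222222", "anonymous_access": True, "lastupdated": 2000},
    {"id": "arn:aws:ec2:eu-west-1:222222222222:instance/i-0a1b2c3d4e5f6a7b8",
     "type": "EC2Instance", "account": "222222222222",
     "exposed_internet": False, "lastupdated": 2000},
    {"id": "arn:aws:ec2:eu-west-1:222222222222:security-group/sg-0f1e2d3c4b5a69788",
     "type": "EC2SecurityGroup", "account": "222222222222", "lastupdated": 2000},
]


def index_by_id(snapshot):
    return {doc["id"]: doc for doc in snapshot}


def diff_snapshots(baseline, latest, ignore=VOLATILE_FIELDS):
    """Return assets added, removed and changed (field: (old, new)) between snapshots."""
    base, cur = index_by_id(baseline), index_by_id(latest)
    changed = {}
    for asset_id in base.keys() & cur.keys():
        fields = (base[asset_id].keys() | cur[asset_id].keys()) - ignore
        delta = {f: (base[asset_id].get(f), cur[asset_id].get(f))
                 for f in sorted(fields)
                 if base[asset_id].get(f) != cur[asset_id].get(f)}
        if delta:
            changed[asset_id] = delta
    return {
        "added": sorted(cur.keys() - base.keys()),
        "removed": sorted(base.keys() - cur.keys()),
        "changed": changed,
    }


SEVERITY_ORDER = {"high": 0, "medium": 1, "low": 2}


def prioritise(drift, security_fields=SECURITY_FIELDS):
    """Turn raw drift into (severity, message) findings, highest severity first."""
    findings = []
    for asset_id, delta in drift["changed"].items():
        for field, (old, new) in delta.items():
            severity = "high" if field in security_fields and new else "low"
            findings.append((severity, f"{asset_id}: {field} {old!r} -> {new!r}"))
    findings += [("medium", f"new asset {a}") for a in drift["added"]]
    findings += [("medium", f"asset disappeared {a}") for a in drift["removed"]]
    return sorted(findings, key=lambda f: SEVERITY_ORDER[f[0]])


def format_alert(findings, min_severity="medium"):
    """Plain-text body for a Slack or Jira alert, dropping anything below min_severity."""
    keep = [f for f in findings
            if SEVERITY_ORDER[f[0]] <= SEVERITY_ORDER[min_severity]]
    return "\n".join(f"[{sev.upper()}] {msg}" for sev, msg in keep)


if __name__ == "__main__":
    print(format_alert(prioritise(diff_snapshots(BASELINE, LATEST))))
```

In the Elasticsearch setup this section describes, the two snapshots would be the documents of the previous and the current sync (selected by whatever sync-timestamp field the ingestor writes), and the findings list is the payload an alerting rule or a small job posts to Slack or Jira. The ignore list is the part that needs tuning in practice: any field that legitimately changes every run (timestamps, ephemeral IPs on autoscaled instances) will otherwise page you on every sync, which is exactly the noise the ephemeral-environment problem creates.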
How to set up Domain-Wide Delegation of Authority in GSuite.
- The Need for Domain-Wide Delegation of Authority
- Process
- 1️⃣️ Create an Account in GSuite
- 2️⃣️ Create a Service Account in GCP