Marius Mitrofan's Projects
Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy. Avoid writing scripts or custom code to deploy and update your applications ā automate in a language that approaches plain English, using SSH, with no agents to install on remote systems. https://docs.ansible.com/ansible/
Apache exporter
Containerized AWS CLI on alpine to avoid requiring the aws cli to be installed on CI machines.
Code samples related to "Building a CloudWatch Dashboard Outside of the AWS Console" blog post published on the AWS DevOps blog. This post demonstrates how to build a custom monitoring dashboard outside of the AWS Console by leveraging snapshot graphs.
Example of serverless integration for SaaS products listed on the AWS Marketplace.
Tools and sample code provided by AWS Premium Support.
CloudFormation Linter
CloudFormation automation template which launches an auto-scaling infrastructure for running the MyBB application version 1.8.6.
PHP library to interact with consul.io
PHP Consul SDK
Consul-Template docker based on alpine
Example of how to set up a custom lambda authorizer on an API Gateway to authenticate users/requests via Cookies instead of using the Authorization Header.
CSP (Content Security Policy) reports server which forwards reports to Elasticsearch.
A tool for developers to create cloud-native applications on Kubernetes.
Ethereum Kubernetes Sandbox
Play with docker class-room repo
Small shim that allows AWS Cognito to talk to github (by providing an OpenID wrapper around the Github API)
This project demonstrates a series of best practices for improving the security of containerized applications deployed to Kubernetes Engine. You will deploy multiple instances of the same container image with a variety of security settings to illustrate the use of RBAC, security contexts, and AppArmor policies.
This guide demonstrates how to improve the security of your Kubernetes Engine by applying fine-grained restrictions to network communication. You will provision a simple HTTP server and two client pods in a Kubernetes Engine cluster, then use a Network Policy restrict connections from client pods.
This project covers two use cases for RBAC within a Kubernetes Engine cluster. First, assigning different permissions to user personas. Second, granting limited API access to an application running within your cluster. Since RBAC's flexibility can occasionally result in complex rules, you will also perform common steps for troubleshooting RBAC as a part of the second scenario.
This lab demonstrates some of the security concerns of a default Kubernetes Engine cluster configuration and the corresponding hardening measures to prevent multiple paths of pod escape and cluster privilege escalation.
No longer maintained, superseded by JS Cookie:
script to create a single node k8 setup for testing in a core os instance
Tool for using AWS Kms data keys to encrypt and decrypt large files.
Bootstrap Kubernetes the hard way on Google Cloud Platform. No scripts.
Development repository for the Chef Cookbook for logrotate
Docker Official Image packaging for MongoDB