z0ph / aws-security-toolbox Goto Github PK
View Code? Open in Web Editor NEWAWS Security Tools (AST) in a simple Docker container. :package:
Home Page: https://zoph.me
License: Apache License 2.0
AWS Security Tools (AST) in a simple Docker container. :package:
Home Page: https://zoph.me
License: Apache License 2.0
The reason is CONTAINER_IMAGE="aws-security-toolbox" should be CONTAINER_IMAGE="zoph/aws-security-toolbox"
Have a look at https://github.com/salesforce/policy_sentry/ ; could be a nice addition.
Cheers ๐ค
aws-security-toolbox/Dockerfile
Line 36 in 30fa247
Just adding this hear as a suggestion mostly AFAICT there is no reason you need git installed here other than the fact that you're cloning entire repos to install them.
However Github has a "release" feature and all the repos you're downloading utilize them. This would allow you to save installing git, just do this with curl and have a lot less work to do installing and building this image.
I also think it would make it cleaner especially because Github makes it easy to package releases for specific OS's so you could only download a .deb file if they are to make one available at some point.
Overall kudos on putting something together and trying to be useful to the community.
Current Docker Image size:
aws-security-toolbox latest 79e46d6e5909 1.54GB
ERROR: cloudtracker 2.1.4 has requirement boto3==1.5.32, but you'll have boto3 1.10.46 which is incompatible.
ERROR: cloudtracker 2.1.4 has requirement jmespath==0.9.3, but you'll have jmespath 0.9.4 which is incompatible.
ERROR: cloudtracker 2.1.4 has requirement pyyaml==4.2b4, but you'll have pyyaml 5.2 which is incompatible.
aws-security-toolbox/Dockerfile
Line 7 in 30fa247
Nowhere in the README is this clear that you're defaulting to this region, if this project takes up any real adoption this could cause confusion for people.
My suggestion would be to default to grabbing this from a .env file and to check in a .env.example file to the repo so that people know to set a default region
Requested by users on Reddit:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.