Bandit: Static security analysis of Python programs

Tools written in Python can use the built-in ast module to parse and analyze other Python code into an “Abstract Syntax Tree“.

Flake8, PyFlakes, PyLint, Radon, or another tool that provides style checking, lint discovery, or complexity computation. They all use the AST to provide that functionality.

There’s also a tool called Bandit that uses the AST to provide static security analysis of Python programs.

Install Bandit:

pip install bandit
# Or if you're working with a Python 3 project
pip3 install bandit

Run Bandit:

bandit -r path/to/your/code

Bandit scans our files for any known vulnerabilities and then provides us with explicit feedback about what it found, the severity of the problem, and how confident it is in its discovery.

Ref: Link

Advertisements

Ansible Debugging

Image result for ansible logo

Find the servers on which playbooks exectuion are failing [you can find the failed servers list in site.retry]

Find the name of the tasks that are failing from the ansible playbook execution output.

Open the playbook

Go to the failing task, study/understand what the task is about and if the task is dependent on other tasks then study those too.

Use ansible register module with the failing tasks to store the output of task into a variable.

Use ansible Debug module to get the output.

Use ansible tags for the failing tasks.

Execute the playbook on the failed servers using “–limit” option.

Eg: ansible-playbook -i inventory playbook.yml –limit “failed-server1:failed-server2” –tags “tag-name1,tag-name2”

 

 

Install the AWS CLI Using the Bundled Installer for MAC, OS X El Captain Version 10.11.2

Follow these steps from the command line to install the AWS CLI using the bundled installer.

To install the AWS CLI using the bundled installer

  1. Download the AWS CLI Bundled Installer.
    $ curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip"
  2. Unzip the package.
    $ unzip awscli-bundle.zip

    Note

    If you don’t have unzip, use your Linux distribution’s built in package manager to install it.

  3. Run the install executable.
    $ sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws

The above steps as mentioned in the article http://docs.aws.amazon.com/cli/latest/userguide/awscli-install-bundle.html, worked for me but when I tried “pip install awscli –upgrade –user” on my mac book, the installation went fine but not sure why I was unable to use the cli command “aws”.

 

$ aws configure

give your aws-key-id and aws-secret-key