Scripts to assist with the configuration and operation of Cloud Foundry.
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
buildpack-eol
.gitignore
CONTRIBUTING.md
LICENSE.md
README.md
cf-create-deployer-user.sh
cf-create-org.sh
cf-create-user.sh
cf-get-recent-users.py
cloudtrail-check.sh
count-sandbox-logs.py
create-concourse-team.sh
customer-pentest-instances.sh Simple little script to output current instances to include in pentest Dec 4, 2017
generate-concourse-environment.sh
generate-passphrase
get-all-cf-deployers.sh
get-all-external-dependencies.py
get-all-repos.sh
jumpbox
make-cf-admin.sh
make-concourse-navigator.sh
make-ops-admin.sh
parse-owasp-zap-xml.py
poke-cdn.sh
print_cves_for_release.sh
reset-totp.sh
suspend-org.sh
uaa-create-auth-client.sh
update-cloudfront.sh

README.md

cloud-foundry-scripts

Scripts to assist with the configuration and operation of Cloud Foundry.

Managing cloud.gov team

Creating Concourse "navigator" team members

  1. uaac target <OPS_UAA_FQDN>

  2. uaac token client get admin -s <OPS_UAA_ADMINCLIENT_PASSPHRASE>

  3. Run

    ./make-concourse-navigator.sh <EMAIL_ADDRESS>

Removing Concourse "navigator" team members

  1. uaac target <OPS_UAA_FQDN>

  2. uaac token client get admin -s <OPS_UAA_ADMINCLIENT_PASSPHRASE>

  3. Run

    ./make-concourse-navigator.sh -r <EMAIL_ADDRESS>

Creating platform admins

These steps correspond to the steps for creating admins.

  1. Have the user log in to CF first.

  2. uaac target <CF_UAA_FQDN>

  3. uaac token client get admin -s <CF_UAA_ADMINCLIENT_PASSPHRASE>

  4. Run

    ./make-cf-admin.sh <EMAIL_ADDRESS>
  5. uaac target <OPS_UAA_FQDN>

  6. uaac token client get admin -s <OPS_UAA_ADMINCLIENT_PASSPHRASE>

  7. Run

    ./make-ops-admin.sh <EMAIL_ADDRESS>

Removing platform admins

  1. uaac target <CF_UAA_FQDN>

  2. uaac token client get admin -s <CF_UAA_ADMINCLIENT_PASSPHRASE>

  3. Run

    ./make-cf-admin.sh -r <EMAIL_ADDRESS>
  4. uaac target <OPS_UAA_FQDN>

  5. uaac token client get admin -s <OPS_UAA_ADMINCLIENT_PASSPHRASE>

  6. Run

    ./make-ops-admin.sh -r <EMAIL_ADDRESS>

Creating deployer users

  1. Ensure the user running this is a CF admin (see Creating admins)

  2. Run

    ./cf-create-deployer-user.sh <ORG>

Creating CSV for recent users since a given date

  1. pip install pyyaml
  2. gem install cf-uaac
  3. uaac target uaa.fr.cloud.gov
  4. uaac token sso get cf -s '' --scope scim.read
  1. python cf-get-recent-users.py YYYY-MM-DD

Creating CSV for counting sandboxes logs over the last three months

  1. apt update
  2. apt install python3
  3. pip install -U requests
  4. pip install -U dateutil
  5. export ES_HOST="${IP_ADDRESS_LOGSEARCH_MASTER_NODE}"
  6. python3 count-sandbox-logs.py
  7. ls -l summary.csv