Terraform module providing a secure baseline for AWS
-
Updated
Jun 17, 2025 - HCL
Terraform module providing a secure baseline for AWS
Complete CNAPP Demo using Prisma Cloud
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Production-ready SOC implementation with Splunk, SOAR automation, and MITRE ATT&CK detection rules splunk, phantom, zeek, incident-response, threat-hunting, detection-rules, blue-team, security-orchestration, aws, cloud-security, devops, infrastructure-as-code
This Guidance demonstrates how to automate the deployment of an Amazon Elastic Kubernetes Service (Amazon EKS) cluster for external single sign-on authentication.
▦ An Ansible role to harden SSH on Centos 7.
Example setup of workload-identity into a Kubernetes cluster on GCP - https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity
CIS Benchmark Automation for Windows
This repository contains AWS Cloud Engineering Best Practices along with real-world code examples to help engineers build secure, scalable, and cost-effective solutions on AWS.
Secure CI/CD Pipeline for PCI-DSS Compliance | Demonstrates DevSecOps best practices with automated security scanning (SAST), secrets management, and Zero Trust architecture using AWS CodePipeline, Terraform, and Checkov | Multi-account AWS deployment with KMS encryption and manual approval gates | Requirements 6.2 & 6.3 compliant
Event-driven AWS cloud security automation that detects IAM privilege escalation, alerts security teams via SNS, and supports governance-aware remediation using Terraform and Python.
This repository documents my hands-on learning using AWS Skill Builder, focusing on AWS Organizations and cloud governance.
Automated IaC security gate for Azure: Checkov + Trivy CI/CD pipeline blocking misconfigs and CVEs at commit time
Terraform packages for AWS Transit Gateway
Multi-cloud Terraform IaC security scanning for AWS and GCP using Checkov, with CI security gates and documented remediation evidence.
End-to-end Azure infrastructure automation lab using Terraform, Ansible, GitHub Actions, inventory reporting, security baselines, and drift detection.
Serverless AWS chatbot using Terraform. Secure Lambda with private subnet + NAT.
Automated security configuration management pipeline integrating OpenSCAP compliance scanning with Ansible-driven remediation on Ubuntu 22.04.
Terraform security lab — modular IaC with automated scanning (tfsec, Checkov, Gitleaks) and a custom Python policy scanner enforced via GitHub Actions CI/CD.
AWS DevSecOps pipeline using Terraform, GitHub Actions, Checkov, AWS Config, EventBridge, and Lambda for automated cloud compliance remediation.
Add a description, image, and links to the security-automation topic page so that developers can more easily learn about it.
To associate your repository with the security-automation topic, visit your repo's landing page and select "manage topics."