avatarTeri Radichel

Free AI web copilot to create summaries, insights and extended knowledge, download it at here

1431

Abstract

ow would things sound if I stopped thinking?</li></ul><h2 id="9fa8">Somatic Field</h2><ul><li>Which part of my body is the least comfortable?</li><li>Which parts of my body are hardest to detect?</li><li>What happens when I concentrate on two body parts at once?</li><li>Do any bad emotions arise during the body scan?</li><li>How would my body change if I stopped thinking about it?</li></ul><h2 id="778a">Taste Field</h2><ul><li>Does the taste change as I roll it around my tongue?</li><li>How does the intensity compare with other things I have tasted?</li><li>How would it taste if I had never smelled it?</li><li>Does my feeling about the taste change between first contact and swallow?</li><li>How would it taste if I were asleep right now?</li></ul><h2 id="a87c">Olfactory Field</h2><ul><li>Would I recognize the smell if I had not seen it?</li><li>What adjectives are suitable? (Smooth? Bold? Sweet? Floral?)</li><li>How close must it come to me before my nose can detect it?</li><li>Does it improve my mood or worsen it?</li><li>What memories does it bring to mind?</li></ul><h2 id="5631">Cognitive Field</h2><ul><li>If my thoughts were rabbits in a yard, how crowded would the yard be?</li><li>If my attention was a dog, which rabbits would it chase?</li><li>How much of my focus three seconds ago was on the past?</li><li>How does a little circle make me feel?</li><li>What would I be dreaming now if I were not awake?</

Options

li></ul><h2 id="9690">Emotional Field</h2><ul><li>How easy or hard is it to turn each feeling on and off?</li><li>What changes will happen when I start to pray?</li><li>If I were the prow of a ship would my sea be bright under the sun?</li><li>Who have I shared this suffering with?</li><li>How deeply do I love you?</li></ul><figure id="ef74"><img src="https://cdn-images-1.readmedium.com/v2/resize:fit:800/1*31vXTbzWPAdDxN72iuu31w.jpeg"><figcaption>Photo by Author | Dancing with the Goddess</figcaption></figure><h2 id="1f17">Questions After the Scans are All Finished</h2><ul><li>Did I close my eyes for most of the scans?</li><li>In what ways are mental fields like maps?</li><li>If I were only allowed to keep one field, which one would I choose?</li></ul><h1 id="010c">Note</h1><p id="4022">To the best of my recollection, all the questions are in my own words. If I copied anybody from unconscious memory it was probably my first remote meditation teacher, <a href="https://www.thegreatcourses.com/professors/mark-w-muesse/">Mark Muesse</a>, a Therevada practitioner from Texas.</p><h1 id="d3c3">About the Author</h1><p id="f104">Tom spends his workdays asking people in a big store if they would like any information about heating and cooling. He often wears an Indiana Jones hat. A grapevine in his front yard convinced him to let her live and to even provide her with a little support. That’s all. :)</p></article></body>

Updating Test Scripts With Dependencies in Mind

90. Formulating test scripts to deploy resources with dependencies in the correct order (and with minimal hassle)

Part of my series on Automating Cybersecurity Metrics. The Code.

Free Content on Jobs in Cybersecurity | Sign up for the Email List

We deployed an EC2 instance encrypted with a KMS key in the last post.

In this post, we’re going to look at how dependencies affect our deployment code and how to deal with that problem.

Order of Operations and Dependencies with CloudFormation

When you use CloudFormation by creating a mammoth script with everything in it CloudFormation tries to handle all your dependencies for you. It misses a few things but for the most part it does a good job. However, then you have a large, unwieldy CloudFormation template that is difficult to troubleshoot.

As I’ve shown a number of times in my blogs a single space can cause the most obscure error messages. Would you rather find that space in 1000 lines of code or 25?

The reason I don’t use massive CloudFormation templates despite the dependency management that provides is for maintainability and easier troubleshooting. We can also independently deploy different resources if we need to. It’s easier to track and find the stack with the associated resource by keeping our templates small and use the naming convention I described previously.

I also explained that I don’t like the dependency on S3 for stack sets. There’s a whole catch 22 — I haven’t even created an S3 bucket yet and look at all the things we needed to deploy first. You’d have to manually create a bucket without encryption to create the stack with the KMS user to deploy the key and then deploy the bucket and …you get the idea. I prefer to avoid S3 for CloudFormation deployments.

Because I’m handling the deployment of individual resources myself, I also have to manage dependencies and deploy things in the correct order. It’s not too difficult if you break up your templates the way I’ve done in my GitHub repo.

Dependencies in my latest changes that affect my test scripts

Right now, I want to check in all that code I just worked on. I should have checked it in a lot sooner but I didn’t want to break anything for users trying out the existing code. Before I check it in again I need to update and test all my test scripts. I should ideally delete and re-deploy everything as well, but I’m going to initially just make sure it works.

As I explained in a prior post:

  • Before we can store a new SSH key in a secret we need to create the secret.
  • Before we can create the secret we have to create the KMS key used to deploy the secret and encrypt it.
  • We need to create our IAM users, roles, and policies before we can take any of the above actions using KMS or Secrets Manager.

For this reason I have two test scripts in the IAM directory now. I’ve broken apart the creation of KMS keys from the deployment of users, roles, and groups.

I think I mentioned before it is also possible to let users create those credentials for themselves, but at the moment I have not given my users ability to use the console. In this account, everything is supposed to be deployed in an automated fashion — no button clicks!

Edits to initial IAM admin creation in our test script

I also edited the default creation of the first IAM admin user, role and group to use a profile named ROOT. The script tells you when you run it that you need to create that ROOT profile. It asks you if you want to continue.

Initially you might manually create a user to deploy the first automated user. Perhaps you keep that user around as a backup in case all the CloudFormation templates get deleted and require two people to use it later because it has a very powerful role.

After creating the initial IAM user, group and admin, the script pauses again and allows you to exit to revise your IAM profile to use the new IAM user and role that just got created with MFA.

Then you can proceed to run the rest of the test script which creates all the other resources we’ve created to date (and anything else I checked since this post.)

New and modified test scripts

Note that initially I called the primary and first profile IAM in the code below but I later changed it to “ROOT”. You’ll see why in subsequent posts. For the moment this screenshot shows when the user was named IAM.

I created a test_ssh.sh file in the IAM directory.

We need a test.sh script in our AppDeploy directory.

Also in our VMs directory.

Now that we have all that we can deploy things in the correct order in the test.sh file in the root directory of our GitHub repo code.

After testing that once with the existing stacks to confirm I had no typos, I deleted and re-deployed everything again.

At this point I realized I had a problem with my batch job credential scripts.

Rather than redeploying one long test script with all my resources over and over, I can simply deploy the individual script in that folder and test it until I fixed the problem. That is the beauty of breaking your deployments into small pieces you can test independently.

After that I could continue trying to run the longer script.

After that one fix, everything seems to create correctly.

And now…I can check in the code!

Follow for updates.

Teri Radichel | © 2nd Sight Lab 2022

About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight Lab
Need Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for Presentation
Follow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
❤️ Sign Up my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab
Infrastructure Testing
Cloudsecurity
Test Scripts
Deployment
Test
Recommended from ReadMedium