├── .coverage.svg ├── .dockerignore ├── .github ├── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md └── workflows │ ├── codeql-analysis.yml │ ├── linter.yml │ └── run_tests.yml ├── .gitignore ├── .terraform.lock.hcl ├── Dockerfile ├── LICENSE ├── Makefile ├── README.md ├── docker └── scripts │ ├── entrypoint.sh │ ├── install_deps.sh │ └── test.sh ├── docs ├── CONTRIBUTING.md ├── DEVELOPMENT.md └── LOGFILTERS.md ├── img └── lockdown_banner.png ├── main.tf ├── providers.tf ├── src ├── README.md ├── common │ ├── __init__.py │ ├── lockdown_checklist.py │ ├── lockdown_logging.py │ └── lockdown_pubsub.py ├── compute_default_sa │ ├── __init__.py │ ├── main.py │ └── requirements.txt ├── kms_key_rotation │ ├── __init__.py │ ├── main.py │ └── requirements.txt ├── legacy_gke_abac │ ├── __init__.py │ ├── main.py │ └── requirements.txt ├── protect_lockdown_sa │ ├── __init__.py │ ├── main.py │ └── requirements.txt ├── public_artifact_repo │ ├── __init__.py │ ├── main.py │ └── requirements.txt ├── public_bigquery_dataset │ ├── __init__.py │ ├── main.py │ └── requirements.txt ├── public_bigquery_table │ ├── __init__.py │ ├── main.py │ └── requirements.txt ├── public_compute_image │ ├── __init__.py │ ├── main.py │ └── requirements.txt ├── public_firewall_port │ ├── __init__.py │ ├── main.py │ └── requirements.txt ├── public_gcs_bucket │ ├── __init__.py │ ├── main.py │ └── requirements.txt ├── public_kms_keys │ ├── __init__.py │ ├── main.py │ └── requirements.txt ├── public_pubsub_topic │ ├── __init__.py │ ├── main.py │ └── requirements.txt └── weak_ssl_policy │ ├── __init__.py │ ├── main.py │ └── requirements.txt ├── terraform.tfvars ├── terraform ├── main.tf └── variables.tf ├── tests ├── __init__.py └── test.py └── variables.tf /.coverage.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/.coverage.svg -------------------------------------------------------------------------------- /.dockerignore: -------------------------------------------------------------------------------- 1 | .git** 2 | *.md 3 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/.github/ISSUE_TEMPLATE/bug_report.md -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/.github/ISSUE_TEMPLATE/feature_request.md -------------------------------------------------------------------------------- /.github/workflows/codeql-analysis.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/.github/workflows/codeql-analysis.yml -------------------------------------------------------------------------------- /.github/workflows/linter.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/.github/workflows/linter.yml -------------------------------------------------------------------------------- /.github/workflows/run_tests.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/.github/workflows/run_tests.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/.gitignore -------------------------------------------------------------------------------- /.terraform.lock.hcl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/.terraform.lock.hcl -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/Dockerfile -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/LICENSE -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/Makefile -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/README.md -------------------------------------------------------------------------------- /docker/scripts/entrypoint.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/docker/scripts/entrypoint.sh -------------------------------------------------------------------------------- /docker/scripts/install_deps.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/docker/scripts/install_deps.sh -------------------------------------------------------------------------------- /docker/scripts/test.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/docker/scripts/test.sh -------------------------------------------------------------------------------- /docs/CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/docs/CONTRIBUTING.md -------------------------------------------------------------------------------- /docs/DEVELOPMENT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/docs/DEVELOPMENT.md -------------------------------------------------------------------------------- /docs/LOGFILTERS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/docs/LOGFILTERS.md -------------------------------------------------------------------------------- /img/lockdown_banner.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/img/lockdown_banner.png -------------------------------------------------------------------------------- /main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/main.tf -------------------------------------------------------------------------------- /providers.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/providers.tf -------------------------------------------------------------------------------- /src/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/README.md -------------------------------------------------------------------------------- /src/common/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/common/lockdown_checklist.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/common/lockdown_checklist.py -------------------------------------------------------------------------------- /src/common/lockdown_logging.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/common/lockdown_logging.py -------------------------------------------------------------------------------- /src/common/lockdown_pubsub.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/common/lockdown_pubsub.py -------------------------------------------------------------------------------- /src/compute_default_sa/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/compute_default_sa/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/compute_default_sa/main.py -------------------------------------------------------------------------------- /src/compute_default_sa/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/compute_default_sa/requirements.txt -------------------------------------------------------------------------------- /src/kms_key_rotation/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/kms_key_rotation/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/kms_key_rotation/main.py -------------------------------------------------------------------------------- /src/kms_key_rotation/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/kms_key_rotation/requirements.txt -------------------------------------------------------------------------------- /src/legacy_gke_abac/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/legacy_gke_abac/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/legacy_gke_abac/main.py -------------------------------------------------------------------------------- /src/legacy_gke_abac/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/legacy_gke_abac/requirements.txt -------------------------------------------------------------------------------- /src/protect_lockdown_sa/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/protect_lockdown_sa/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/protect_lockdown_sa/main.py -------------------------------------------------------------------------------- /src/protect_lockdown_sa/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/protect_lockdown_sa/requirements.txt -------------------------------------------------------------------------------- /src/public_artifact_repo/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/public_artifact_repo/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_artifact_repo/main.py -------------------------------------------------------------------------------- /src/public_artifact_repo/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_artifact_repo/requirements.txt -------------------------------------------------------------------------------- /src/public_bigquery_dataset/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/public_bigquery_dataset/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_bigquery_dataset/main.py -------------------------------------------------------------------------------- /src/public_bigquery_dataset/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_bigquery_dataset/requirements.txt -------------------------------------------------------------------------------- /src/public_bigquery_table/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/public_bigquery_table/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_bigquery_table/main.py -------------------------------------------------------------------------------- /src/public_bigquery_table/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_bigquery_table/requirements.txt -------------------------------------------------------------------------------- /src/public_compute_image/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/public_compute_image/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_compute_image/main.py -------------------------------------------------------------------------------- /src/public_compute_image/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_compute_image/requirements.txt -------------------------------------------------------------------------------- /src/public_firewall_port/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/public_firewall_port/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_firewall_port/main.py -------------------------------------------------------------------------------- /src/public_firewall_port/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_firewall_port/requirements.txt -------------------------------------------------------------------------------- /src/public_gcs_bucket/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/public_gcs_bucket/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_gcs_bucket/main.py -------------------------------------------------------------------------------- /src/public_gcs_bucket/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_gcs_bucket/requirements.txt -------------------------------------------------------------------------------- /src/public_kms_keys/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/public_kms_keys/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_kms_keys/main.py -------------------------------------------------------------------------------- /src/public_kms_keys/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_kms_keys/requirements.txt -------------------------------------------------------------------------------- /src/public_pubsub_topic/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/public_pubsub_topic/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_pubsub_topic/main.py -------------------------------------------------------------------------------- /src/public_pubsub_topic/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/public_pubsub_topic/requirements.txt -------------------------------------------------------------------------------- /src/weak_ssl_policy/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/weak_ssl_policy/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/weak_ssl_policy/main.py -------------------------------------------------------------------------------- /src/weak_ssl_policy/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/src/weak_ssl_policy/requirements.txt -------------------------------------------------------------------------------- /terraform.tfvars: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/terraform.tfvars -------------------------------------------------------------------------------- /terraform/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/terraform/main.tf -------------------------------------------------------------------------------- /terraform/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/terraform/variables.tf -------------------------------------------------------------------------------- /tests/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/test.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/tests/test.py -------------------------------------------------------------------------------- /variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ScaleSec/project_lockdown/HEAD/variables.tf --------------------------------------------------------------------------------