lrakai/protect-code-with-gauntlt

protect-code-with-gauntlt

Demonstration of how Gauntlt can protect your code from well-known attacks

Final Environment

Getting Started

Deploy the CloudFormation infrastructure/cloudformation.json template. The template creates a user with the following credentials and the minimal permissions required to complete the Lab:

  • Username: student
  • Password: password

Instructions

  • Add a Test stage between the Source and Build stages in CodePipeline
    • The Test stage should use the App-Test CodeBuild project created by the CloudFormation template
    • The stage should use the SourceOutput as its input artifact
  • Open the Cloud9 IDE created by CloudFormation
  • Create the buildspec.yml and buildspec.test.yml files included in the src/cicd/ directory in the Cloud9 environment
  • Zip the two YAML files into a file called src.zip
  • Upload src.zip to the S3 bucket with codeartifacts in its name
  • Watch the CodePipeline process the new source and eventually fail on the Test stage
  • Open the CodeBuild error to inspect the Gauntlt report for which attack failed
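The packaging and upload steps above can be scripted from the Cloud9 terminal. This is an added example, not code from this repository. It assumes the AWS CLI and `zip` are available, that the lab user is allowed to list buckets, and that the pipeline reads the object key `src.zip` at the bucket root. The function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: package the two buildspec files and upload src.zip.

# Read bucket names (one per line) on stdin and print the single name that
# contains "codeartifacts". Fail on zero or several matches so the archive
# is never pushed to the wrong bucket.
pick_artifact_bucket() {
  local matches count
  matches=$(grep -F 'codeartifacts' || true)
  count=$(printf '%s' "$matches" | grep -c . || true)
  if [ "$count" -ne 1 ]; then
    echo "expected exactly one codeartifacts bucket, found $count" >&2
    return 1
  fi
  printf '%s\n' "$matches"
}

# Zip buildspec.yml and buildspec.test.yml from directory $1 into archive $2
# (absolute path). Both files sit at the archive root.
package_source() {
  local dir=$1 out=$2 f
  for f in buildspec.yml buildspec.test.yml; do
    [ -f "$dir/$f" ] || { echo "missing $dir/$f" >&2; return 1; }
  done
  (cd "$dir" && zip -q "$out" buildspec.yml buildspec.test.yml)
}

main() {
  local bucket
  # Assumption: the lab user may call ListBuckets.
  bucket=$(aws s3api list-buckets --query 'Buckets[].Name' --output text \
    | tr '\t' '\n' | pick_artifact_bucket) || exit 1
  package_source "$PWD" "$PWD/src.zip" || exit 1
  # Assumption: the pipeline's source action watches the key src.zip.
  aws s3 cp "$PWD/src.zip" "s3://$bucket/src.zip"
}

# Only talk to AWS when invoked as: ./upload-src.sh upload
if [ "${1:-}" = "upload" ]; then
  main
fi
```

Run it from the directory that holds the two YAML files. The upload starts a new pipeline execution.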

Cleaning Up

Delete the CloudFormation stack to remove all the resources used in the Lab.
