https://github.com/ytensor42/dev-sec-ops
DevSecOps Sample Projects
actions aws azure devops devsecops gcp github kubernetes mlops python terraform workflows
Last synced: 2 months ago
- Host: GitHub
- URL: https://github.com/ytensor42/dev-sec-ops
- Owner: ytensor42
- License: gpl-3.0
- Created: 2025-07-24T19:15:35.000Z (11 months ago)
- Default Branch: main
- Last Pushed: 2025-10-06T17:30:15.000Z (9 months ago)
- Last Synced: 2025-10-06T19:14:43.249Z (9 months ago)
- Topics: actions, aws, azure, devops, devsecops, gcp, github, kubernetes, mlops, python, terraform, workflows
- Language: HCL
- Homepage:
- Size: 1.92 MB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Dev-Sec-Ops Examples
## Infrastructure as Code
- [Terraform modules](./tf-modules/README.md)
- GitHub-based module sources
### AWS
- [Base infrastructure](./infra/aws/base/README.md)
- [`default` VPC](./infra/aws/base/README.md#default-vpc)
- [NAT Gateway](./infra/aws/base/README.md#nat-gateway)
- [SSM](./infra/aws/base/README.md#ssm-vpc-endpoint) / [ECR](./infra/aws/base/README.md#ecr-vpc-endpoint) VPC Endpoints
- [VPN](./infra/aws/vpn/README.md)
- [AWS Client VPN](./infra/aws/vpn/README.md#aws-client-vpn)
- [Site-to-Site with VPN Gateway](./infra/aws/vpn/README.md#aws-vpn-using-virtual-private-gateway)
- [Site-to-Hub with Transit Gateway](./infra/aws/vpn/README.md#aws-vpn-using-transit-gateway)
- [Site-to-Site VPN between AWS VPC and GCP VPC]
- *TBD*
- [EC2](./infra/aws/ec2/README.md)
- [`test` instance](./infra/aws/ec2/README.md#test-instance)
- [`dev` instance](./infra/aws/ec2/README.md#dev-instance)
- [ECS](./infra/aws/ecs/README.md)
- [`python-webapp1` service](./infra/aws/ecs/README.md#python-webapp-service)
- [RDS](./infra/aws/rds/README.md)
- [`devpostgres` instance](./infra/aws/rds/README.md#devpostgres-instance)
- [VPC Peering]()
- _TBD_
- Peering `default` VPC and `backend` VPC
- EC2 instance in private subnet @ each VPC
- Route between private subnets
- [EKS provisioning using `terraform`]()
- _TBD_
- Private subnets @ `default` VPC
- Publicly accessible controller
- [EKS provisioning using `eksctl`]()
- _TBD_
- Private subnets @ `default` VPC
- Publicly accessible controller
- Tools installation after provisioning
- [Transit Gateway between VPCs in different AWS accounts]()
- _TBD_
- [Single VPC internet exit for multiple VPCs using Transit Gateway]()
- _TBD_
- NAT GW @ `default` VPC
- No NAT GW @ 2 other VPCs
- Transit Gateway among all 3 VPCs
- All outgoing traffic is routed to the `default` VPC, then exits to the internet
### GCP
- [Base infrastructure](./infra/gcp/base/README.md)
- _TBD_
- [VM](./infra/gcp/vm/README.md)
- _TBD_
- Private subnet
- iAH connection
- [GKE](./infra/gcp/vm/README.md)
- _TBD_
- Private subnet
---
### CI/CD
- [Web Application / ALB + ECS + RDS @ Peered VPC]()
- _TBD_
- [3 Tier Web Application / ALB + EKS + API + RDS]()
- _TBD_
- [Web Application 2 / ArgoCD on EKS]()
- _TBD_
- [Developer-controlled GitHub Runner using Actions Runner Controller]()
- _TBD_
---
### Security
- [Accessing Resources on a Private Subnet using AWS SSM]()
- _TBD_
- No public IP address
- No VPN
- Direct SSH access to the instance
- Accessing backend resources using port forwarding on the private instance
- [Accessing Resources on a Private Subnet using the Kubernetes control plane]()
- _TBD_
---
## MLOps
- Deploy a model from Hugging Face
- _TBD_