Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
etcd-aws-cluster
Advanced tools
Readme
This container serves to assist in the creation of an etcd (2.x) cluster from an AWS auto scaling group. This is a fork from the upstream Monsanto repo, ported to Node.js. Much thanks to @tj-corrigan for doing the actual hard work of figuring out how to bootstrap etcd in AWS.
1
, 1.0
- (1/Dockerfile)2
, 2.0
, latest
- (master/Dockerfile)This container should be run on the instance in the autoscaling group you wish to run the etcd node on. It will autodiscover the current status of the cluster, and write a set of etcd params to stdout.
$ docker run building5/etcd-aws-cluster
For cases where you cannot run a docker container (like starting up an etcd cluster you want to point you docker cluster at), you can also run from npm
$ npm install -g etcd-aws-cluster
$ etcd-aws-cluster
This output could be:
written to /etc/sysconfig/etcd-cluster
for systemd startup. The output can
then be loaded as an EnvironmentFile
in an etcd2 drop-in to properly
configure etcd2:
[Service]
EnvironmentFile=/etc/sysconfig/etcd-cluster
written to (or eval
from) /etc/default/etcd
for upstart startup
eval $(docker run building5/etcd-aws-cluster)
used with docker run --env-file
for running in a docker container
$ docker run --env-file <(docker run building5/etcd-aws-cluster) etcd
The following params are written:
ETCD_NAME
ETCD_LISTEN_CLIENT_URLS
ETCD_LISTEN_PEER_URLS
ETCD_ADVERTISE_CLIENT_URLS
ETCD_INITIAL_ADVERTISE_PEER_URLS
ETCD_INITIAL_CLUSTER_STATE
new
(spinning up new cluster) or existing
(joining existing cluster)ETCD_INITIAL_CLUSTER
IAM permissions are needed to inspect the ASG and its members. The easiest way to do that
is with an IAM instance profile. An example policy is given below, but you may want to
narrow the Resource
to the specific ASG the instance will belong to.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1456626729000",
"Effect": "Allow",
"Action": [
"ec2:Describe*",
"autoscaling:Describe*"
],
"Resource": ["*"]
}
]
}
get the instance id and ip from amazon
fetch the autoscaling group this machine belongs to
obtain the ip of every member of the auto scaling group
for each member of the autoscaling group detect if they are running etcd and if so who they see as members of the cluster
if no machines respond
else
The differences in this fork are:
FROM
image is
updated, so we'll keep up to date with security patches.FAQs
This container serves to assist in the creation of an etcd (2.x) cluster from an AWS auto scaling group.
The npm package etcd-aws-cluster receives a total of 5 weekly downloads. As such, etcd-aws-cluster popularity was classified as not popular.
We found that etcd-aws-cluster demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.