Giters

ctrlaltdev / awsec

AWS Basic Security Assessment Tool / Modules

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Basic AWS Security Assessment

Will check some common security configurations. So far: check S3 buckets and IAM user settings.

TODO: Installation

brew install ctrlaltdev/tap/awsec

or

brew tap ctrlaltdev/tap
brew install awsec

Standalone: How To Use

The tool needs AWS credentials to work, and will look into common places automatically (~/.aws/config, ~/.aws/credentials, env vars)

You can specify a default region in your ~/.aws/config or using the -region flag You can use an AWS profile using the -profile flag

awsec -profile prod -region us-west-2

Module: How To Use

You can use only specific subpart of the tool as modules:

go get -u github.com/ctrlaltdev/awsec/s3

or

go get -u github.com/ctrlaltdev/awsec/iam

In those cases, you need to initialize the module with an aws config:

package main

import (
	"context"
	"log"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/config"
	"github.com/ctrlaltdev/awsec/iam"
	"github.com/ctrlaltdev/awsec/s3"
)

var cfg aws.Config

func main() {
	var err error
	cfg, err = config.LoadDefaultConfig(context.TODO())

	if err != nil {
		log.Fatalf("unable to load SDK config, %v", err)
	}

	s3.Init(&cfg)
	iam.Init(&cfg)

	s3Reports := s3.Check()
	iamReports := iam.Check()

	// ...
}

About

AWS Basic Security Assessment Tool / Modules

License:Mozilla Public License 2.0

Languages

Language:Go 96.7%Language:Makefile 3.3%