AWS-audit is a tool to review AWS configuration of several services

looCiprian/AWS-audit

AWS-audit

Discovers AWS misconfigurations and security issues in S3, Lambda functions, and the IAM policies attached to those services.

Services

S3

  • Bucket Policy Audit [principal, resource, action contains *]
  • AccessPoint Policy Audit [principal, resource, action contains *]
  • ACL Audit
  • Public Access Audit
  • Encryption Configuration
  • Versioning
  • Logging
  • Web Site Audit functionality
  • Bucket Policy does not prevent HTTP access

Lambda

  • Lambda Code Signing Audit
  • Lambda Role (Policy audit) [principal, resource, action contains *]
  • Lambda Resource Policy Audit [principal, resource, action contains *]
  • Lambda Environment Audit

IAM Role

  • Check for unused role
  • Check role Policy Audit [principal, resource, action contains *]
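
The "[principal, resource, action contains *]" check listed under S3, Lambda and IAM Role can be illustrated as follows. This is an added example, not code from the AWS-audit repository: the names `hasWildcard`, `AuditPolicy` and `samplePolicy` are hypothetical, and it assumes a literal substring match on "*" and that only `Allow` statements are reported.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// hasWildcard reports "*" in a policy element given as a string, a list, or a map such as {"AWS": ...}.
func hasWildcard(v interface{}) (found bool) {
	switch t := v.(type) {
	case string:
		found = strings.Contains(t, "*")
	case []interface{}:
		for _, e := range t {
			found = found || hasWildcard(e)
		}
	case map[string]interface{}:
		for _, e := range t {
			found = found || hasWildcard(e)
		}
	}
	return found
}

// AuditPolicy lists "Sid:Element" for each Allow element containing "*"; Statement must be a JSON list.
func AuditPolicy(doc string) (out []string, err error) {
	var p struct{ Statement []map[string]interface{} }
	if err = json.Unmarshal([]byte(doc), &p); err != nil {
		return nil, err
	}
	for _, s := range p.Statement {
		for _, f := range []string{"Principal", "Action", "Resource"} {
			if s["Effect"] == "Allow" && hasWildcard(s[f]) {
				out = append(out, fmt.Sprintf("%v:%s", s["Sid"], f))
			}
		}
	}
	return out, nil
}

// samplePolicy is constructed for this example; the bucket, account and role names are made up.
const samplePolicy = `{"Statement":[{"Sid":"Open","Effect":"Allow","Principal":"*","Action":["s3:GetObject"],"Resource":"arn:aws:s3:::example-bucket/*"},
 {"Sid":"Scoped","Effect":"Allow","Principal":{"AWS":"arn:aws:iam::111122223333:role/app"},"Action":"s3:PutObject","Resource":"arn:aws:s3:::example-bucket/uploads/report.csv"},
 {"Sid":"NoHTTP","Effect":"Deny","Principal":"*","Action":"s3:*","Resource":"*","Condition":{"Bool":{"aws:SecureTransport":"false"}}}]}`

func main() {
	fmt.Println(AuditPolicy(samplePolicy))
}
```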

How to run

go run AWS-audit.go -c aws-audit-example.yaml