A security scanner for AWS resources
Project description
AWS Sentinel
AWS Sentinel is a command-line security scanner for AWS resources. It helps identify common security issues in your AWS account, such as:
- Public S3 buckets
- Security groups with port 22 (SSH) open to the public
- Unencrypted EBS volumes
- IAM users without Multi-Factor Authentication (MFA)
Usage
You can clone this repo:
git clone https://github.com/rishabkumar7/aws-sentinel
Once clone, you can run AWS Sentinel from the command line:
python main.py --profile your-aws-profile --region your-aws-region
If you don't specify a profile or region, it will use the default profile and us-east-1 region.
Options
--profile: AWS profile to use (default: "default")--region: AWS region to check (default: "us-east-1")
Example Output
█████╗ ██╗ ██╗███████╗ ███████╗███████╗███╗ ██╗████████╗██╗███╗ ██╗███████╗██╗
██╔══██╗██║ ██║██╔════╝ ██╔════╝██╔════╝████╗ ██║╚══██╔══╝██║████╗ ██║██╔════╝██║
███████║██║ █╗ ██║███████╗ ███████╗█████╗ ██╔██╗ ██║ ██║ ██║██╔██╗ ██║█████╗ ██║
██╔══██║██║███╗██║╚════██║ ╚════██║██╔══╝ ██║╚██╗██║ ██║ ██║██║╚██╗██║██╔══╝ ██║
██║ ██║╚███╔███╔╝███████║ ███████║███████╗██║ ╚████║ ██║ ██║██║ ╚████║███████╗███████╗
╚═╝ ╚═╝ ╚══╝╚══╝ ╚══════╝ ╚══════╝╚══════╝╚═╝ ╚═══╝ ╚═╝ ╚═╝╚═╝ ╚═══╝╚══════╝╚══════╝
AWS Security Sentinel
Scanning AWS account using profile: default in region: us-east-1
Initializing security checks...
+-------------------------+
| AWS Security Issues Detected |
+--------+---------------+------------------------------------------+
| Service| Resource | Issue |
+--------+---------------+------------------------------------------+
| S3 | mybucket | Public bucket |
| EC2 | sg-12345abcde | Security group with port 22 open to public |
| EBS | vol-67890fghij| Unencrypted volume |
| IAM | alice | User without MFA |
+--------+---------------+------------------------------------------+
Requirements
- Python 3.9+
- AWS credentials configured (via AWS CLI or environment variables)
Development
To set up AWS Sentinel for development:
- Clone the repository:
git clone https://github.com/yourusername/aws-sentinel.git cd aws-sentinel
- Create a virtual environment:
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate`
- Install development dependencies:
pip install -r requirements.txt
- Run tests:
python unittest test_aws_sentinel.py
License
MIT License
Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file aws_sentinel-0.1.0.tar.gz.
File metadata
- Download URL: aws_sentinel-0.1.0.tar.gz
- Upload date:
- Size: 9.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0866c2b10e249054efc8a9abf53e7597802c0b936f0465642801a3503545dba4
|
|
| MD5 |
e209a636e99766e22affa9d9102bfe99
|
|
| BLAKE2b-256 |
51436673bcaaaf7d37a7bd5d178a64db122dce9f35c51cda9d003c41ad4271ae
|
File details
Details for the file aws_sentinel-0.1.0-py3-none-any.whl.
File metadata
- Download URL: aws_sentinel-0.1.0-py3-none-any.whl
- Upload date:
- Size: 10.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f830f5aecb7c90f3753d9635588c714bfbc1f37afe8e95cc5314904f94fd14e7
|
|
| MD5 |
96413310e2eac87913ff720dfe57e5cf
|
|
| BLAKE2b-256 |
d9cfd3f2cf004b8472fb0eb79b5d8835573afbfc2d88d7c3a464f65d8a3078b0
|
