A security scanner for AWS resources
Project description
AWS Sentinel
AWS Sentinel is a powerful command-line security scanner for AWS resources. It helps identify common security issues and misconfigurations in your AWS environment.
Features
AWS Sentinel currently checks for the following security issues:
- S3 Buckets: Identifies publicly accessible buckets
- EC2 Security Groups: Finds security groups with port 22 (SSH) open to the public
- EBS Volumes: Detects unencrypted volumes
- IAM Users: Identifies users without Multi-Factor Authentication (MFA)
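One way to evaluate the "port 22 open to the public" condition over an EC2 DescribeSecurityGroups response, covering port ranges that span 22, all-protocol rules and IPv6 `::/0`. This is an added example, not AWS Sentinel's own code; the group IDs and the `rule` helper are constructed for illustration.

```python
import ipaddress

def covers_port(perm, port):
    """True if one IpPermissions entry allows TCP traffic to `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    if proto != "tcp":
        return False
    # A rule for 0-1024 exposes SSH just as much as a rule for 22-22.
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def world_cidrs(perm):
    """Return the source ranges of a rule that match every address."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs if ipaddress.ip_network(c, strict=False).prefixlen == 0]

def groups_open_to_world(response, port=22):
    """Map GroupId -> world-open CIDRs that can reach `port`."""
    findings = {}
    for sg in response.get("SecurityGroups", []):
        exposed = set()
        for perm in sg.get("IpPermissions", []):
            if covers_port(perm, port):
                exposed.update(world_cidrs(perm))
        if exposed:
            findings[sg["GroupId"]] = sorted(exposed)
    return findings

def rule(proto, cidr, lo=None, hi=None):
    """Build one constructed IpPermissions entry for the sample below."""
    perm = {"IpProtocol": proto, "IpRanges": [], "Ipv6Ranges": []}
    if lo is not None:
        perm.update(FromPort=lo, ToPort=hi)
    key, field = ("Ipv6Ranges", "CidrIpv6") if ":" in cidr else ("IpRanges", "CidrIp")
    perm[key].append({field: cidr})
    return perm

# Constructed sample in the shape of an EC2 DescribeSecurityGroups response.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-exact", "IpPermissions": [rule("tcp", "0.0.0.0/0", 22, 22)]},
    {"GroupId": "sg-range", "IpPermissions": [rule("tcp", "::/0", 0, 1024)]},
    {"GroupId": "sg-allproto", "IpPermissions": [rule("-1", "0.0.0.0/0")]},
    {"GroupId": "sg-office", "IpPermissions": [rule("tcp", "203.0.113.0/24", 22, 22)]},
    {"GroupId": "sg-web", "IpPermissions": [rule("tcp", "0.0.0.0/0", 443, 443)]},
]}
if __name__ == "__main__":
    print(groups_open_to_world(SAMPLE))
```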
Installation
You can install AWS Sentinel using pip:
pip install aws-sentinel
Or using uv:
uv pip install aws-sentinel
Usage
Basic Usage
Run a full security scan using your default AWS profile:
aws-sentinel scan
If you don't specify a profile or region, AWS Sentinel uses the default profile and the us-east-1 region.
Command Options
Usage: aws-sentinel scan [OPTIONS]
Options:
  --profile TEXT                  AWS profile to use for authentication (from
                                  ~/.aws/credentials)
  --region TEXT                   AWS region to scan for security issues
  --checks TEXT                   Comma-separated list of checks to run
                                  (s3,ec2,ebs,iam) or "all"
  --output [table|json|csv]       Output format for scan results
  --severity [low|medium|high|all]
                                  Filter results by minimum severity level
  -v, --verbose                   Enable verbose output
  -h, --help                      Show this message and exit.
Examples
Run a scan with a specific AWS profile and region:
aws-sentinel scan --profile production --region us-west-2
Run only specific security checks:
aws-sentinel scan --checks s3,iam
Export results in JSON format:
aws-sentinel scan --output json > security_report.json
Export results in CSV format:
aws-sentinel scan --output csv > security_report.csv
Show only high severity issues:
aws-sentinel scan --severity high
Get detailed documentation:
aws-sentinel docs
Example Output
Table Format (Default)
█████╗ ██╗ ██╗███████╗ ███████╗███████╗███╗ ██╗████████╗██╗███╗ ██╗███████╗██╗
██╔══██╗██║ ██║██╔════╝ ██╔════╝██╔════╝████╗ ██║╚══██╔══╝██║████╗ ██║██╔════╝██║
███████║██║ █╗ ██║███████╗ ███████╗█████╗ ██╔██╗ ██║ ██║ ██║██╔██╗ ██║█████╗ ██║
██╔══██║██║███╗██║╚════██║ ╚════██║██╔══╝ ██║╚██╗██║ ██║ ██║██║╚██╗██║██╔══╝ ██║
██║ ██║╚███╔███╔╝███████║ ███████║███████╗██║ ╚████║ ██║ ██║██║ ╚████║███████╗███████╗
╚═╝ ╚═╝ ╚══╝╚══╝ ╚══════╝ ╚══════╝╚══════╝╚═╝ ╚═══╝ ╚═╝ ╚═╝╚═╝ ╚═══╝╚══════╝╚══════╝
AWS Security Sentinel
Scanning AWS account using profile: default in region: us-east-1
Initializing security checks...
+-----------------------------------------------------------------------+
|                     AWS Security Issues Detected                      |
+---------+----------------+--------------------------------------------+
| Service | Resource       | Issue                                      |
+---------+----------------+--------------------------------------------+
| S3      | mybucket       | Public bucket                              |
| EC2     | sg-12345abcde  | Security group with port 22 open to public |
| EBS     | vol-67890fghij | Unencrypted volume                         |
| IAM     | alice          | User without MFA                           |
+---------+----------------+--------------------------------------------+
JSON Format
{
  "scan_results": {
    "profile": "default",
    "region": "us-east-1",
    "scan_time": "2025-04-15T14:32:17.654321",
    "issues_count": 3,
    "issues": [
      {
        "service": "S3",
        "resource": "public-bucket",
        "issue": "Public bucket",
        "severity": "HIGH"
      },
      {
        "service": "EC2",
        "resource": "sg-12345abcde",
        "issue": "Security group with port 22 open to public",
        "severity": "HIGH"
      },
      {
        "service": "IAM",
        "resource": "admin-user",
        "issue": "User without MFA",
        "severity": "HIGH"
      }
    ]
  }
}
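A pipeline gate that consumes the JSON report format shown above and returns a failing exit code when unaccepted findings meet a severity floor. This is an added example, not part of AWS Sentinel; the `accepted` allowlist, the `MEDIUM`/`LOW` severity strings and the EBS entry in the sample are assumptions.

```python
import json

# Only "HIGH" appears in the page's sample; "MEDIUM" and "LOW" are assumed
# by analogy with the --severity option values.
SEVERITY_RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3}

def load_issues(report_text):
    """Parse a report and return its issues, rejecting inconsistent counts."""
    results = json.loads(report_text)["scan_results"]
    issues = results["issues"]
    if results.get("issues_count") != len(issues):
        raise ValueError("issues_count does not match the issues list")
    return issues

def blocking_issues(issues, min_severity="HIGH", accepted=frozenset()):
    """Issues at or above min_severity, minus accepted (service, resource) pairs."""
    floor = SEVERITY_RANK[min_severity.upper()]
    blocked = []
    for issue in issues:
        # Unknown severity strings rank as HIGH so they cannot slip through.
        rank = SEVERITY_RANK.get(str(issue.get("severity", "")).upper(), 3)
        if rank >= floor and (issue["service"], issue["resource"]) not in accepted:
            blocked.append(issue)
    return blocked

def gate(report_text, min_severity="HIGH", accepted=frozenset()):
    """Exit code for a pipeline step: 0 when nothing blocks, 1 otherwise."""
    return 1 if blocking_issues(load_issues(report_text), min_severity, accepted) else 0

# Constructed report in the JSON format shown above (the MEDIUM entry is invented).
SAMPLE_REPORT = json.dumps({"scan_results": {
    "profile": "default", "region": "us-east-1", "issues_count": 3,
    "issues": [
        {"service": "S3", "resource": "public-bucket",
         "issue": "Public bucket", "severity": "HIGH"},
        {"service": "EC2", "resource": "sg-12345abcde",
         "issue": "Security group with port 22 open to public", "severity": "HIGH"},
        {"service": "EBS", "resource": "vol-67890fghij",
         "issue": "Unencrypted volume", "severity": "MEDIUM"},
    ]}})

if __name__ == "__main__":
    import sys
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    sys.exit(gate(text))
```

Saved as a script, it takes the path to a report such as security_report.json as its only argument.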
Requirements
- Python 3.9+
- AWS credentials configured (via AWS CLI or environment variables)
- Required permissions to access AWS resources
Development
To set up the project for development:
- Clone the repository:
  git clone https://github.com/rishabkumar7/aws-sentinel.git
  cd aws-sentinel
- Create a virtual environment:
  python -m venv venv
  source venv/bin/activate # On Windows: venv\Scripts\activate
- Install development dependencies:
  pip install -e '.[dev]'
- Run the tests:
  python -m unittest discover tests
License
MIT License
Contributing
Contributions are welcome! Please feel free to submit an Issue and a Pull Request.
File details
Details for the file aws_sentinel-0.1.1.tar.gz.
File metadata
- Download URL: aws_sentinel-0.1.1.tar.gz
- Upload date:
- Size: 10.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.5
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 5a1bdf87f2fb93723f69406cfa57ded0b95e24c7e55a1f4b82ed9e0c0031f1a0 |
| MD5 | 762c804e179884638e126099e4415aec |
| BLAKE2b-256 | 5062e250e797ca8427355b0667ba344e643f33c2b801db65fa1bf40554555243 |
File details
Details for the file aws_sentinel-0.1.1-py3-none-any.whl.
File metadata
- Download URL: aws_sentinel-0.1.1-py3-none-any.whl
- Upload date:
- Size: 10.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.5
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | c6489b64457799bb1edcee0d9844a4b1f0206553c6e735104813941cb69e0de5 |
| MD5 | 716b7f806a2f339174354166c3d6f8a4 |
| BLAKE2b-256 | 1f96179a2605e4d201e50428f9722e428f36998a5d67f1859f3350bbdcac12b4 |