cdk-prowler
Project description
cdk-prowler
An AWS CDK custom construct for deploying Prowler to you AWS Account. The following description about Prowler is taken from https://github.com/toniblyx/prowler:
Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA…
It generates security html results which are stored in an s3 bucket:
And in your Codebuild Report group:
Example
# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
app = App()
stack = Stack(app, "ProwlerAudit-stack")
ProwlerAudit(stack, "ProwlerAudit")
cdk-prowler Properties
cdk-prowler supports some properties to tweak your stack. Like for running a Cloudwatch schedule to regualary run the Prowler scan with a defined cron expression.
You can see the supported properties in Api.md
Planned Features
- Supporting AWS SecurityHub https://github.com/toniblyx/prowler#security-hub-integration
- Triggering an event with SNS when prowler finishes the run
- AMI EC2 executable
Architecture
Misc
yes | yarn destroy && yarn deploy --require-approval never
Rerun Prowler on deploy
yarn deploy --require-approval never -c reRunProwler=true
Thanks To
- My friend and fellaw ex colleague Tony de la Fuente (https://github.com/toniblyx https://twitter.com/ToniBlyx) for developing such a cool security tool as Prowler
- As always to the amazing CDK / Projen Community. Join us on Slack!
- Projen project and the community around it
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for cdk_prowler-1.117.6-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 37e9090024c18ab58bb322f4bbfa06711f1c35ec6ce4bcf072d2cac2ddcc9bc2 |
|
MD5 | 183ffc7a6ff6fe45cb79b9abb2d8dbb1 |
|
BLAKE2b-256 | cc1bd64ca1c0d6fd0337e0176542c3750403ef82ac833bfaa1fcc775474a3764 |