CloudTrail auditor

Navigation

Project links

Homepage

Statistics

View statistics for this project via Libraries.io, or by using Google BigQuery

Meta

License: Apache Software License (Apache 2.0)

Author: Riot Games Security

Tags: cloud, security

Maintainers

Avatar for internalservererror from gravatar.com internalservererror Avatar for markofu from gravatar.com markofu Avatar for TheM0ng00se from gravatar.com TheM0ng00se Avatar for zpritchard from gravatar.com zpritchard

Classifiers

Development Status
4 - Beta
Environment
Console
Framework
Flask
Sphinx
Intended Audience
Information Technology
System Administrators
License
OSI Approved :: Apache Software License
Natural Language
English
Operating System
MacOS :: MacOS X
POSIX :: Linux
Unix
Programming Language
Python :: 3.5
Python :: 3.6
Topic
Security
Utilities

Project description

Please open issues in the Cloud-Inquisitor repository

Description

This auditor ensures that CloudTrail:

  • is enabled globally on multi-region
  • logs to a central location
  • has SNS/SQS notifications enabled and being sent to the correct queues
  • and that regional trails (of our chosen name) are not enabled

Configuration Options

Option name Default Value Type Description
enabled False bool Enable the CloudTrail auditor
interval 60 int Run frequency in minutes
bucket_account CHANGE ME string Name of the account (must exist), in which to create the S3 bucket where CloudTrail logs will be delivered
bucket_name CHANGE ME string Name of the S3 bucket to send CloudTrail logs to
bucket_region us-west-2 string Region where to enable global events logging
global_cloudtrail_region us-west-2 string Region where to enable the global CloudTrail
sns_topic_name CHANGE ME string Name of the SNS topic for CloudTrail log delivery
sqs_queue_account CHANGE ME string Name of the account (must exist) which owns the SQS queue for CloudTrail log delivery notifications
sqs_queue_name SET ME string Name of the SQS queue
sqs_queue_region us-west-2 string Region for the SQS queue
trail_name us-west-2 string Name of the CloudTrail trail region

Project details

Project links

Homepage

Statistics

View statistics for this project via Libraries.io, or by using Google BigQuery

Meta

License: Apache Software License (Apache 2.0)

Author: Riot Games Security

Tags: cloud, security

Maintainers

Avatar for internalservererror from gravatar.com internalservererror Avatar for markofu from gravatar.com markofu Avatar for TheM0ng00se from gravatar.com TheM0ng00se Avatar for zpritchard from gravatar.com zpritchard

Classifiers

Development Status
4 - Beta
Environment
Console
Framework
Flask
Sphinx
Intended Audience
Information Technology
System Administrators
License
OSI Approved :: Apache Software License
Natural Language
English
Operating System
MacOS :: MacOS X
POSIX :: Linux
Unix
Programming Language
Python :: 3.5
Python :: 3.6
Topic
Security
Utilities

Release history Release notifications

This version
History Node

2.1.0

History Node

2.0.0

History Node

1.1.9

History Node

1.1.8

History Node

1.1.7

History Node

1.1.5

History Node

1.1.4

History Node

1.1.3

History Node

1.1.2

History Node

1.1.1

History Node

1.1.0

History Node

1.0.1

History Node

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
cinq-auditor-cloudtrail-2.1.0.tar.gz (6.9 kB) Copy SHA256 hash SHA256 Source None

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page