cloud-audit-tool 0.0.2

AWS Cloud Audit Tool

CLOUD AUDIT TOOL

Cloud Audit tool helps you to check whether the application built on AWS is following the AWS Well-Architected framework by validating it against various AWS services security requirements and the best practices. Generates report to validate the security requirements and security best practices.

Cloud Audit tool setup

The project basically uses boto client to connect to the aws services.

1. Update the session credentials in the terminal or give the session credentials through the arguments of the command line by specifying --access-key, --secret-key and --session-token.

2. You can specify the region name, config file path, report file path and tags through --region, --config-path, --report-path arguments respectively while running the program.

3. If no region is specified us-east-1 is taken as default region, Similarly if no config file path and report path is given current working directory path is taken as default and the audit checks are performed for the services accordingly.

4. To check tags, we can pass as argument --tags while running the tool and we can also update the config.json file by mentioning the tags in the account tags provided. Moreover the tags passed as the argument through the command line takes the first priority.

5. Tags that are passed through the argument in command line should be separated using commas (,)

Cloud Audit Tool Execution

Command to Run the audit tool in the command line after installing the package.

cloud-audit-tool

Arguments that can be passed

cloud-audit-tool --region {region_name} --config-path {config-path} --report-path {report-path} --access-key {access-key} --secret-key {secret-key} --session-token {session-token} --tags {tag1,tag2,..}

Final Report

The overall report is provided as a HTML document in the path specified in the report-path argument. If no path is specified report is generated in the current working directory.