cross43 0.0.6

AWS Cloud Audit Tool

CLOUD AUDIT TOOL

Cloud Audit tool helps you to check whether the application built on AWS is following the AWS Well-Architected framework by validating it against various AWS services security requirements and the best practices. Generates report to validate the security requirements and security best practices.

Cloud Audit tool setup

The project basically uses boto client to connect to the aws services.

1. Update the session credentials in the terminal or give them through the arguments in the command line by specifying --access-key, --secret-key, and --session-token.

2. While running the program, You can specify the region name, config file path, report file path, and tags through --region, --config-path, -report-path arguments.

3. If no region is specified us-east-1 is taken as the default region, Similarly if no config file path and report path are given, the current working directory's path is taken as the default path and the audit checks are performed for the default values.

4. Tags are checked by passing as an argument --tags or updating account tags in the config.json file. Moreover, the tags passed through the argument in the command line take priority.

5. The format of the tags that are passed through the argument in the command line should be separated using commas (,).

Cloud Audit Tool Execution

Command to Run the audit tool in the command line after installing the package.

cloud-audit-tool

Arguments that can be passed

cloud-audit-tool --region {region-name} --config-path {config-path} --report-path {report-path} --access-key {access-key} --secret-key {secret-key} --session-token {session-token} --tags {tag1,tag2,..}

Final Report

The overall report is provided as a HTML document in the path specified in the report-path argument. If no path is specified report is generated in the current working directory.