A command-line tool to get valuable information out of AWS CloudTrail
Project description
TrailScraper
A command-line tool to get valuable information out of AWS CloudTrail
Installation
# install custom dependeny since PR cloudtools/awacs#87 isn't merged yet
$ pip install 'http://github.com/flosell/awacs/tarball/add_equality_and_hashes#egg=awacs-0.7.2'
# install trailscraper
$ pip install trailscraper
Usage
# Download some logs
$ trailscraper download --bucket <some-bucket> \
--account-id <some account id> \
--region <some region to look at> \
--past-days <number of past days to look at> \
# Generate an IAM Policy
$ trailscraper generate
{
"Statement": [
{
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeVolumes",
"ec2:DescribeVpcs",
],
"Effect": "Allow",
"Resource": [
"*"
]
},
{
"Action": [
"sts:AssumeRole"
],
"Effect": "Allow",
"Resource": [
"arn:aws:iam::1111111111:role/someRole"
]
}
],
"Version": "2012-10-17"
}
Development
$ ./go setup # set up venv, dependencies and tools
$ ./go test # run some tests
$ ./go check # run some style checks
$ ./go # let's see what we can do here
Troubleshooting
Click thinks you are in an ASCII environment
Click will abort further execution because Python 3 was configured to use ASCII as encoding for the environment.
Set these environment variables:
LC_ALL=C.UTF-8 LANG=C.UTF-8
Changelog
This changelog contains a loose collection of changes in every release including breaking changes to the API.
The format is based on Keep a Changelog
0.2.0
Added
Basic filtering for role-arns when generating policy (#3)
0.1.0
Initial Release
Added
Basic feature to download CloudTrail Logs from S3 for certain accounts and timeframe
Basic feature to generate IAM Policies from a set of downloaded CloudTrail logs
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for trailscraper-0.2-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | ded8e463ac93372230d2df609a6390dadcc8da3881610fd3751758cf7cd60014 |
|
MD5 | 57dcc17d7c571629ce4f14262b9f4e51 |
|
BLAKE2b-256 | 305716ffbd803b69f9282f988a8da8f42b42c76f9afe4b2bda552f8e72282d29 |