A command-line tool to get valuable information out of AWS CloudTrail

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for flosell from gravatar.com flosell

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: Apache Software License (Apache License 2.0)

Author: Florian Sellmayr

Tags aws

Classifiers

Project description

TrailScraper

PyPi Release Build Status

A command-line tool to get valuable information out of AWS CloudTrail

Installation

# install custom dependeny since PR cloudtools/awacs#87 isn't merged yet
$ pip install 'http://github.com/flosell/awacs/tarball/add_equality_and_hashes#egg=awacs-0.7.2'
# install trailscraper
$ pip install trailscraper

Usage

# Download some logs
$ trailscraper download --bucket <some-bucket> \
                        --account-id <some account id> \
                        --region <some region to look at> \
                        --past-days <number of past days to look at> \
# Generate an IAM Policy
$ trailscraper generate
{
    "Statement": [
        {
            "Action": [
                "ec2:DescribeInstances",
                "ec2:DescribeSecurityGroups",
                "ec2:DescribeSubnets",
                "ec2:DescribeVolumes",
                "ec2:DescribeVpcs",
            ],
            "Effect": "Allow",
            "Resource": [
                "*"
            ]
        },
        {
            "Action": [
                "sts:AssumeRole"
            ],
            "Effect": "Allow",
            "Resource": [
                "arn:aws:iam::1111111111:role/someRole"
            ]
        }
    ],
    "Version": "2012-10-17"
}

Development

$ ./go setup   # set up venv, dependencies and tools
$ ./go test    # run some tests
$ ./go check   # run some style checks
$ ./go         # let's see what we can do here

Troubleshooting

Click thinks you are in an ASCII environment

Click will abort further execution because Python 3 was configured to use ASCII as encoding for the environment.

Set these environment variables:

LC_ALL=C.UTF-8
LANG=C.UTF-8

Changelog

This changelog contains a loose collection of changes in every release including breaking changes to the API.

The format is based on Keep a Changelog

0.2.0

Added

  • Basic filtering for role-arns when generating policy (#3)

0.1.0

Initial Release

Added

  • Basic feature to download CloudTrail Logs from S3 for certain accounts and timeframe

  • Basic feature to generate IAM Policies from a set of downloaded CloudTrail logs

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for flosell from gravatar.com flosell

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: Apache Software License (Apache License 2.0)

Author: Florian Sellmayr

Tags aws

Classifiers

Release history Release notifications | RSS feed

0.8.1

0.8.0

0.7.0

0.6.4

0.6.3 yanked

Reason this release was yanked:

release scripting issues, contains the wrong version number for --version

0.6.2 yanked

Reason this release was yanked:

this is the same as 0.6.1 after accidentally running the same script twice

0.6.1

0.6.0

0.5.1

0.5.0

0.4.4

0.4.3

0.4.2

0.4.1

0.4.0

0.3.0

This version

0.2

0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

trailscraper-0.2.tar.gz (6.1 kB view hashes)

Uploaded Source

Built Distribution

trailscraper-0.2-py2.py3-none-any.whl (9.6 kB view hashes)

Uploaded Python 2 Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page