trailscraper

A command-line tool to get valuable information out of AWS CloudTrail

Project description

TrailScraper

A command-line tool to get valuable information out of AWS CloudTrail

Installation

# install custom dependeny since PR cloudtools/awacs#87 isn't merged yet
$ pip install 'http://github.com/flosell/awacs/tarball/add_equality_and_hashes#egg=awacs-0.7.2'
# install trailscraper
$ pip install trailscraper

Usage

# Download some logs
$ trailscraper download --bucket <some-bucket> \
                        --account-id <some account id> \
                        --region <some region to look at> \
                        --past-days <number of past days to look at> \
# Generate an IAM Policy
$ trailscraper generate
{
    "Statement": [
        {
            "Action": [
                "ec2:DescribeInstances",
                "ec2:DescribeSecurityGroups",
                "ec2:DescribeSubnets",
                "ec2:DescribeVolumes",
                "ec2:DescribeVpcs",
            ],
            "Effect": "Allow",
            "Resource": [
                "*"
            ]
        },
        {
            "Action": [
                "sts:AssumeRole"
            ],
            "Effect": "Allow",
            "Resource": [
                "arn:aws:iam::1111111111:role/someRole"
            ]
        }
    ],
    "Version": "2012-10-17"
}

Development

$ ./go setup   # set up venv, dependencies and tools
$ ./go test    # run some tests
$ ./go check   # run some style checks
$ ./go         # let's see what we can do here

Troubleshooting

Click thinks you are in an ASCII environment

Click will abort further execution because Python 3 was configured to use ASCII as encoding for the environment.

Set these environment variables:

LC_ALL=C.UTF-8
LANG=C.UTF-8

Changelog

This changelog contains a loose collection of changes in every release including breaking changes to the API.

The format is based on Keep a Changelog

0.3.0

Changed

Added

Support for Python >= 2.7

Changed

Do not download CloudTrail Logs from S3 if they already exist in the target folder (#9)
Removed dependency on fork of the awacs-library to simplify installation and development

Fixed

Bug that led to policy-statements with the same set of actions not being combined properly in some cases (#7)

0.2.0 Added

Basic filtering for role-arns when generating policy (#3)

0.1.0

Initial Release

Added

Basic feature to download CloudTrail Logs from S3 for certain accounts and timeframe
Basic feature to generate IAM Policies from a set of downloaded CloudTrail logs

Project details

Release history Release notifications | RSS feed

0.6.4

Jul 12, 2020

0.6.3 yanked

Jul 12, 2020

0.6.2 yanked

Jun 3, 2020

0.6.1

Jun 3, 2020

0.6.0

Jun 3, 2020

0.5.1

Jun 10, 2018

0.5.0

May 1, 2018

0.4.4

Apr 16, 2018

0.4.3

Apr 16, 2018

0.4.2

Jan 21, 2018

0.4.1

Dec 28, 2017

0.4.0

Dec 24, 2017

This version

0.3.0

Dec 17, 2017

0.2

Nov 27, 2017

0.1

Nov 26, 2017

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for trailscraper, version 0.3.0
Filename, size	File type	Python version	Upload date	Hashes
Filename, size trailscraper-0.3.0-py2.py3-none-any.whl (10.8 kB)	File type Wheel	Python version 3.5	Upload date Dec 17, 2017	Hashes View
Filename, size trailscraper-0.3.0.tar.gz (7.9 kB)	File type Source	Python version None	Upload date Dec 17, 2017	Hashes View

Hashes for trailscraper-0.3.0-py2.py3-none-any.whl

Hashes for trailscraper-0.3.0-py2.py3-none-any.whl
Algorithm	Hash digest
SHA256	`7f086299c54d44c7bcaddb068299f277f411c4293f699d4001360ee14f1856f5`
MD5	`51778d6d4d628a7664a3f0dee4bbfab3`
BLAKE2-256	`48240b4ff516ba9f4be93ce97a205558d94ed304ad65f615bcc5ffc7637e2eaa`

Hashes for trailscraper-0.3.0.tar.gz

Hashes for trailscraper-0.3.0.tar.gz
Algorithm	Hash digest
SHA256	`adc3ed63511f483849aa6da4489f61e3c98c84f1d2a30e79a1bc5bbc6866f1d1`
MD5	`3cff00dda64d0833a267d33efc5081ef`
BLAKE2-256	`d6920ef1ad791207440f81eb9a1374b402b19a924718c11f7178a731c5d14cd4`