Skip to main content

A command-line tool to get valuable information out of AWS CloudTrail

Project description

TrailScraper

PyPi Release Build Status

A command-line tool to get valuable information out of AWS CloudTrail

Installation

# install custom dependeny since PR cloudtools/awacs#87 isn't merged yet
$ pip install 'http://github.com/flosell/awacs/tarball/add_equality_and_hashes#egg=awacs-0.7.2'
# install trailscraper
$ pip install trailscraper

Usage

# Download some logs
$ trailscraper download --bucket <some-bucket> \
                        --account-id <some account id> \
                        --region <some region to look at> \
                        --past-days <number of past days to look at> \
# Generate an IAM Policy
$ trailscraper generate
{
    "Statement": [
        {
            "Action": [
                "ec2:DescribeInstances",
                "ec2:DescribeSecurityGroups",
                "ec2:DescribeSubnets",
                "ec2:DescribeVolumes",
                "ec2:DescribeVpcs",
            ],
            "Effect": "Allow",
            "Resource": [
                "*"
            ]
        },
        {
            "Action": [
                "sts:AssumeRole"
            ],
            "Effect": "Allow",
            "Resource": [
                "arn:aws:iam::1111111111:role/someRole"
            ]
        }
    ],
    "Version": "2012-10-17"
}

Development

$ ./go setup   # set up venv, dependencies and tools
$ ./go test    # run some tests
$ ./go check   # run some style checks
$ ./go         # let's see what we can do here

Troubleshooting

Click thinks you are in an ASCII environment

Click will abort further execution because Python 3 was configured to use ASCII as encoding for the environment.

Set these environment variables:

LC_ALL=C.UTF-8
LANG=C.UTF-8

Changelog

This changelog contains a loose collection of changes in every release including breaking changes to the API.

The format is based on Keep a Changelog

0.3.0

Changed

Added

  • Support for Python >= 2.7

Changed

  • Do not download CloudTrail Logs from S3 if they already exist in the target folder (#9)
  • Removed dependency on fork of the awacs-library to simplify installation and development

Fixed

  • Bug that led to policy-statements with the same set of actions not being combined properly in some cases (#7)

0.2.0

Added

  • Basic filtering for role-arns when generating policy (#3)

0.1.0

Initial Release

Added

  • Basic feature to download CloudTrail Logs from S3 for certain accounts and timeframe
  • Basic feature to generate IAM Policies from a set of downloaded CloudTrail logs

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for trailscraper, version 0.3.0
Filename, size File type Python version Upload date Hashes
Filename, size trailscraper-0.3.0-py2.py3-none-any.whl (10.8 kB) File type Wheel Python version 3.5 Upload date Hashes View
Filename, size trailscraper-0.3.0.tar.gz (7.9 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page