From 4dc3e86bb9469011cf97d5521a969c7d250fb2d1 Mon Sep 17 00:00:00 2001
From: x p k
Date: Thu, 1 Aug 2024 17:15:33 +0800
Subject: [PATCH] UPD: Added more services to the review

---
 aws/AwsEnvReview.py | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/aws/AwsEnvReview.py b/aws/AwsEnvReview.py
index 136ed73..10f8afe 100755
--- a/aws/AwsEnvReview.py
+++ b/aws/AwsEnvReview.py
@@ -291,8 +291,45 @@ for r in regions:
 print("--END OF SECTION--")
+printTitle("ApiGateway review")
+printSubTitle("[Security] ApiGateway resource policy missing - Consider restricting access to private API with a policy")
+print("Region", "AccountID", "PrivateApiName", sep=", ")
+
+for r in regions:
+    client = boto3.client('apigateway', region_name=r)
+    response = client.get_rest_apis()
+    for i in response.get("items"):
+        if "PRIVATE" in i.get("endpointConfiguration").get("types") and len(i.get("policy")) <= 0:
+            print(r, aid, i.get("name"), sep=", ")
+print("--END OF SECTION--")
+printTitle("Cloudtrail review")
+printSubTitle("[Security] Cloudtrail not encrypted - Consider enabling encryption for cloudtrail")
+print("Region", "AccountID", "Trail", sep=", ")
+
+for r in regions:
+    client = boto3.client('cloudtrail', region_name=r)
+    response = client.describe_trails()
+    for i in response.get("trailList"):
+        if i.get("KmsKeyId") is None:
+            print(r, aid, i.get("Name"), sep=", ")
+print("--END OF SECTION--")
+
+printSubTitle("[Security] Multi-Region cloudtrail not enabled - Consider enabling Multi-Region for at least 1 cloudtrail")
+print("Region", "AccountID", "Status", sep=", ")
+multiRegionTrailCount = 0
+
+for r in regions:
+    client = boto3.client('cloudtrail', region_name=r)
+    response = client.describe_trails()
+    for i in response.get("trailList"):
+        if i.get("IsMultiRegionTrail"):
+            multiRegionTrailCount += 1
+
+    if multiRegionTrailCount <= 0:
+        print(r, aid, "Missing multi region trail", sep=", ")
+print("--END OF SECTION--")
 # TODO
 """
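Review bot: `len(i.get("policy")) <= 0` in the ApiGateway loop raises TypeError for a private API that has no policy attached, because the `policy` key is then absent from the `get_rest_apis` item and `i.get("policy")` yields None, so the exact APIs this check is meant to flag abort the whole review before the CloudTrail sections run; `not i.get("policy")` covers both the missing and the empty case: `if "PRIVATE" in i.get("endpointConfiguration", {}).get("types", []) and not i.get("policy"):`. The same call returns only one page of items by default, so APIs past the first page are never reviewed; iterating `client.get_paginator('get_rest_apis').paginate()` and reading `page["items"]` closes that gap. In the two CloudTrail loops, `describe_trails()` with its default `includeShadowTrails=True` also lists multi-region trails homed in other regions, so an unencrypted multi-region trail is reported once per region under the encryption check; `includeShadowTrails=False` would confine that finding to the trail's home region, whereas the multi-region check appears to rely on those shadow entries and should keep the default. The added code runs at module level and uses `regions` and `aid`, which are defined before the hunk; the indentation of the `if multiRegionTrailCount <= 0:` check relative to the loop is not recoverable from the collapsed patch, and since the count is cumulative across regions the printed `r` may not be the region that lacks the trail either way.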