{"id":26260512,"url":"https://github.com/elijahu1/aws-security-auditor","last_synced_at":"2026-04-18T17:36:56.095Z","repository":{"id":280873922,"uuid":"943451368","full_name":"elijahu1/aws-security-auditor","owner":"elijahu1","description":"AWS Security Group Auditor: CLI tool to audit EC2 security groups for overly permissive rules (e.g., open SSH/RDP ports). Generates actionable CSV/JSON reports and supports cron automation.","archived":false,"fork":false,"pushed_at":"2025-03-18T12:37:11.000Z","size":11,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-12-29T19:51:29.957Z","etag":null,"topics":["aws","devops-tools","ec2","security"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/elijahu1.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-03-05T18:17:40.000Z","updated_at":"2025-03-18T12:37:14.000Z","dependencies_parsed_at":"2025-03-05T19:35:03.689Z","dependency_job_id":"f1fee245-8ef7-470b-a610-f1476e606c59","html_url":"https://github.com/elijahu1/aws-security-auditor","commit_stats":null,"previous_names":["elijahu1/aws-security-auditor"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/elijahu1/aws-security-auditor","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/elijahu1%2Faws-security-auditor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/elijahu1%2Faws-security-auditor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/elijahu1%2Faws-security-auditor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/elijahu1%2Faws-security-auditor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/elijahu1","download_url":"https://codeload.github.com/elijahu1/aws-security-auditor/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/elijahu1%2Faws-security-auditor/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31978585,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-18T17:30:12.329Z","status":"ssl_error","status_checked_at":"2026-04-18T17:29:59.069Z","response_time":103,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","devops-tools","ec2","security"],"created_at":"2025-03-13T23:15:28.077Z","updated_at":"2026-04-18T17:36:56.057Z","avatar_url":"https://github.com/elijahu1.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n---\n\n```markdown\n# 🛡️ AWS Security Group Auditor\n\nWelcome to the **AWS Security Group Auditor**! This is a simple yet powerful CLI tool to help you audit your AWS EC2 security groups for overly permissive rules, like open SSH (port 22) or RDP (port 3389) access to the world (`0.0.0.0/0`). It’s perfect for DevOps engineers, security teams, or anyone who wants to keep their AWS infrastructure secure.\n\n---\n\n## 🚀 Features\n\n- **Identify Risky Rules**: Find security groups with `0.0.0.0/0` on critical ports.\n- **Generate Reports**: Export results in CSV or JSON format.\n- **Easy Automation**: Run it manually or schedule it with cron jobs.\n- **Lightweight**: Built with Python and Bash, so it’s easy to customize.\n\n---\n\n## 🛠️ Installation\n\n### Prerequisites\nBefore you start, make sure you have the following installed:\n- **Python 3.11+**: [Download Python](https://www.python.org/downloads/)\n- **AWS CLI**: [Install AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html)\n- **Git**: [Install Git](https://git-scm.com/downloads)\n\n### Step 1: Clone the Repository\nFirst, clone this repository to your local machine:\n```bash\ngit clone https://github.com/elijahu1/aws-security-auditor.git\ncd aws-security-auditor\n```\n\n### Step 2: Set Up a Virtual Environment\nCreate a virtual environment to keep dependencies isolated:\n```bash\npython -m venv .venv\n```\n\nActivate the virtual environment:\n- **Linux/macOS**:\n  ```bash\n  source .venv/bin/activate\n  ```\n- **Windows**:\n  ```bash\n  .venv\\Scripts\\activate\n  ```\n\n### Step 3: Install Dependencies\nInstall the required Python packages:\n```bash\npip install -r requirements.txt\n```\n\n### Step 4: Configure AWS Credentials\nMake sure your AWS credentials are set up. Run:\n```bash\naws configure\n```\nYou’ll need to provide:\n- **AWS Access Key ID**\n- **AWS Secret Access Key**\n- **Default region** (e.g., `us-east-1`)\n- **Default output format** (e.g., `json`)\n\n---\n\n## 🖥️ Usage\n\n### Option 1: Run with Python\nYou can run the tool directly using Python:\n```bash\npython src/audit_sg.py --region us-east-1 --output csv\n```\n- `--region`: The AWS region to audit (default: `us-east-1`).\n- `--output`: The output format (`csv` or `json`).\n\n### Option 2: Use the Bash Wrapper\nFor easier automation, use the Bash wrapper script:\n1. Make the script executable:\n   ```bash\n   chmod +x scripts/run_audit.sh\n   ```\n2. Run the script:\n   ```bash\n   ./scripts/run_audit.sh us-east-1 csv\n   ```\n\n---\n\n## Docker Usage\nBuild the Docker image:\n```bash\ndocker build -t aws-security-auditor .\n\n## 📂 Output\n\nThe tool generates a report in the `reports/` directory:\n- **CSV Format**: `reports/vulnerable_sgs.csv`\n- **JSON Format**: Printed to the terminal.\n\nExample CSV Output:\n```\nGroupId,Port,Protocol\nsg-123456,22,tcp\nsg-789012,3389,tcp\n```\n\n---\n\n## 🤖 Automation\n\n### Schedule with Cron\nTo run the tool daily at 2 AM, add a cron job:\n1. Open your crontab:\n   ```bash\n   crontab -e\n   ```\n2. Add the following line:\n   ```bash\n   0 2 * * * /path/to/aws-security-auditor/scripts/run_audit.sh us-east-1 csv\n   ```\n\n---\n\n## IAM Permissions\nEnsure your IAM role or user has the following permissions:\n```json\n{\n    \"Version\": \"2012-10-17\",\n    \"Statement\": [\n        {\n            \"Effect\": \"Allow\",\n            \"Action\": \"ec2:DescribeSecurityGroups\",\n            \"Resource\": \"*\"\n        }\n    ]\n}\n\n## 🧪 Testing\n\nTo ensure everything is working correctly, run the tests:\n```bash\nmake test\n```\n\n---\n\n## 🛠️ Development\n\n### Directory Structure\nHere’s what the project looks like:\n```\naws-security-auditor/\n├── src/                  # Python source code\n├── tests/                # Unit tests\n├── scripts/              # Bash scripts\n├── config/               # Configuration files\n├── logs/                 # Log files\n├── reports/              # Generated reports\n├── requirements.txt      # Python dependencies\n└── README.md             # This file\n```\n\n### Common Tasks\n- **Run Tests**:\n  ```bash\n  make test\n  ```\n- **Format Code**:\n  ```bash\n  make format\n  ```\n- **Clean Up**:\n  ```bash\n  make clean\n  ```\n\n---\n\n## 🤝 Contributing\n\nContributions are welcome! If you’d like to improve this tool:\n1. Fork the repository.\n2. Create a new branch:\n   ```bash\n   git checkout -b feature/your-feature-name\n   ```\n3. Commit your changes:\n   ```bash\n   git commit -m \"feat: Add your feature\"\n   ```\n4. Push to the branch:\n   ```bash\n   git push origin feature/your-feature-name\n   ```\n5. Open a pull request.\n\n---\n\n## 📜 License\n\nThis project is licensed under the **MIT License**. Feel free to use, modify, and distribute it as you see fit.\n\n---\n\n## 🙏 Credits\n\n- Built with ❤️ by [Eli]\n- Inspired by the need for better AWS security practices.\n\n---\n\nHappy auditing! 🎉\n```\n\n---\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Felijahu1%2Faws-security-auditor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Felijahu1%2Faws-security-auditor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Felijahu1%2Faws-security-auditor/lists"}