{"id":13782547,"url":"https://github.com/padok-team/yatas","last_synced_at":"2026-01-12T06:44:28.992Z","repository":{"id":53771447,"uuid":"521554664","full_name":"padok-team/yatas","owner":"padok-team","description":":owl::mag_right: A simple tool to audit your AWS/GCP infrastructure for misconfiguration or potential security issues with plugins integration","archived":false,"fork":false,"pushed_at":"2025-05-05T17:49:05.000Z","size":7412,"stargazers_count":319,"open_issues_count":13,"forks_count":23,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-05-05T18:59:46.149Z","etag":null,"topics":["account","assessment","audit","aws","best-practices","cli","cloud","configuration","devsecops","gcp","hardening","security"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/padok-team.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-08-05T08:02:37.000Z","updated_at":"2025-04-07T15:29:13.000Z","dependencies_parsed_at":"2023-09-25T01:51:33.943Z","dependency_job_id":"6f89719f-65b4-4be9-a6c6-4b68108c5d75","html_url":"https://github.com/padok-team/yatas","commit_stats":{"total_commits":453,"total_committers":7,"mean_commits":64.71428571428571,"dds":0.3752759381898455,"last_synced_commit":"f214c8f38fc84498fff3715c36d997cef60e1f2e"},"previous_names":["stangirard/yatas"],"tags_count":135,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/padok-team%2Fyatas","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/padok-team%2Fyatas/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/padok-team%2Fyatas/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/padok-team%2Fyatas/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/padok-team","download_url":"https://codeload.github.com/padok-team/yatas/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254464891,"owners_count":22075570,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["account","assessment","audit","aws","best-practices","cli","cloud","configuration","devsecops","gcp","hardening","security"],"created_at":"2024-08-03T18:01:38.928Z","updated_at":"2025-05-16T04:03:57.375Z","avatar_url":"https://github.com/padok-team.png","language":"Go","funding_links":[],"categories":["0x02 工具 :hammer_and_wrench:"],"sub_categories":["1 云服务工具"],"readme":"\u003cp align=\"center\"\u003e\n\u003cimg src=\"docs/auditory.png\" alt=\"yatas-logo\" width=\"30%\"\u003e\n\u003cp align=\"center\"\u003e\n\n# YATAS\n[![codecov](https://codecov.io/gh/padok-team/YATAS/branch/main/graph/badge.svg?token=OFGny8Za4x)](https://codecov.io/gh/padok-team/YATAS) [![goreport](https://goreportcard.com/badge/github.com/padok-team/yatas)](https://goreportcard.com/badge/github.com/padok-team/yatas)\n\nYet Another Testing \u0026amp; Auditing Solution \n\nThe goal of YATAS is to help you create a secure AWS environment without too much hassle. It won't check for all best practices but only for the ones that are important for you based on my experience. Please feel free to tell me if you find something that is not covered.\n\n## Features\nYATAS is a simple and easy to use tool to audit your infrastructure for misconfiguration or potential security issues.\n\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"docs/demo.gif\" alt=\"demo\" width=\"60%\"\u003e\n\u003cp align=\"center\"\u003e\n\n| No details | Details\n|:-------------------------:|:-------------------------:\n|![](./docs/demo.png) | ![](./docs/details.png)\n\n## Installation\n\n```bash\nbrew tap padok-team/tap\nbrew install yatas\n```\n\n```bash\nyatas --init\n```\n\nModify .yatas.yml to your needs.\n\n```bash\nyatas --install\n```\n\nInstalls the plugins you need.\n\n## Usage\n\n```bash\nyatas -h\n```\n\nFlags:\n- `--details`: Show details of the issues found.\n- `--compare`: Compare the results of the previous run with the current run and show the differences.\n- `--ci`: Exit code 1 if there are issues found, 0 otherwise.\n- `--resume`: Only shows the number of tests passing and failing.\n- `--time`: Shows the time each test took to run in order to help you find bottlenecks.\n- `--init`: Creates a .yatas.yml file in the current directory.\n- `--install`: Installs the plugins you need.\n- `--only-failure`: Only show the tests that failed.\n\n## Plugins\n\n**Checks Plugins**\n\n| Plugins | Description | Checks |\n|------|-------------|--------|\n| [*AWS Audit*](https://github.com/padok-team/yatas-aws) | AWS checks | Good practices and security checks|\n| [*GCP Audit*](https://github.com/padok-team/yatas-gcp) | GCP checks | Good practices and security checks|\n\n**Reporting Plugins**\n\n| Plugins | Description |\n|------|-------------|\n| [*Markdown Reports*](https://github.com/padok-team/yatas-markdown) | Generates a markdown report |\n| [*Notion Reports*](https://github.com/Thibaut-Padok/yatas-notion) | Generates a Notion Database report |\n| [*HTML Reports*](https://github.com/Thibaut-Padok/yatas-html) | Generates an HTML report |\n\n## Checks\n\n### Ignore results for known issues\nYou can ignore results of checks by adding the following to your `.yatas.yml` file:\n\n```yaml\nignore:\n - id: \"AWS_VPC_004\"\n regex: true\n values: \n - \"VPC Flow Logs are not enabled on vpc-.*\"\n - id: \"AWS_VPC_003\"\n regex: false\n values: \n - \"VPC has only one gateway on vpc-08ffec87e034a8953\"\n```\n\n### Exclude a test\nYou can exclude a test by adding the following to your `.yatas.yml` file:\n\n```yaml\nplugins:\n - name: \"aws\"\n enabled: true\n description: \"Check for AWS good practices\"\n exclude:\n - AWS_S3_001\n```\n\n### Specify which tests to run \n\nTo only run a specific test, add the following to your `.yatas.yml` file:\n\n```yaml\nplugins:\n - name: \"aws\"\n enabled: true\n description: \"Check for AWS good practices\"\n include:\n - \"AWS_VPC_003\"\n - \"AWS_VPC_004\"\n```\n\n### Get error logs\n\nYou can get the error logs by adding the following to your env variables:\n\n```bash\nexport YATAS_LOG=debug\n```\nThe available log levels are: `debug`, `info`, `warn`, `error`, `fatal`, `panic` and `off` by default\n\n## How to create a new plugin ?\n\nYou'd like to add a new plugin ? Then simply visit [yatas-plugin](https://github.com/padok-team/yatas-template) and follow the instructions.\n\n\n \u003ch2\u003eContributors ❤️\u003c/h2\u003e\n \u003cbr /\u003e\n \u003cdiv align=\"center\"\u003e\n \u003cbr /\u003e\n \u003ca href=\"https://github.com/padok-team/yatas/graphs/contributors\"\u003e\n \u003cimg src=\"https://contrib.rocks/image?repo=padok-team/yatas\" /\u003e\n \u003c/a\u003e\n \u003cbr/\u003e\n \u003cbr/\u003e\n \u003ch4\u003eYour contributions are very welcome, feel free to add new rules to YATAS !\u003c/h4\u003e\n \u003cbr /\u003e\n \u003cbr /\u003e\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpadok-team%2Fyatas","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpadok-team%2Fyatas","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpadok-team%2Fyatas/lists"}