{"id":13821777,"url":"https://github.com/scalefactory/s3audit-ts","last_synced_at":"2026-03-20T00:51:00.153Z","repository":{"id":42693377,"uuid":"212078123","full_name":"scalefactory/s3audit-ts","owner":"scalefactory","description":"CLI tool for auditing S3 buckets","archived":true,"fork":false,"pushed_at":"2023-08-02T13:28:33.000Z","size":133,"stargazers_count":109,"open_issues_count":0,"forks_count":9,"subscribers_count":7,"default_branch":"main","last_synced_at":"2024-07-01T13:53:13.950Z","etag":null,"topics":["aws","aws-s3","aws-s3-audit","devops-tools","s3","s3-bucket"],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/scalefactory.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2019-10-01T11:23:21.000Z","updated_at":"2023-11-07T15:00:23.000Z","dependencies_parsed_at":"2024-01-15T16:35:00.606Z","dependency_job_id":"d295a8ec-9526-4988-9868-a52795e7175a","html_url":"https://github.com/scalefactory/s3audit-ts","commit_stats":null,"previous_names":["scalefactory/s3audit"],"tags_count":14,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scalefactory%2Fs3audit-ts","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scalefactory%2Fs3audit-ts/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scalefactory%2Fs3audit-ts/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scalefactory%2Fs3audit-ts/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/scalefactory","download_url":"https://codeload.github.com/scalefactory/s3audit-ts/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":213893315,"owners_count":15653524,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-s3","aws-s3-audit","devops-tools","s3","s3-bucket"],"created_at":"2024-08-04T08:01:27.955Z","updated_at":"2026-03-20T00:51:00.104Z","avatar_url":"https://github.com/scalefactory.png","language":"TypeScript","funding_links":[],"categories":["TypeScript"],"sub_categories":[],"readme":"s3audit-ts\n==================\n\nThis is an archived an open source project published by [The Scale Factory](https://scalefactory.com).\n\nFor our replacement (implemented in Rust), see [`s3audit-rs`](https://github.com/scalefactory/s3audit-rs).\n\n## Purpose\n\nChecks the settings for all S3 buckets in an AWS account for public access\n\n[![oclif](https://img.shields.io/badge/cli-oclif-brightgreen.svg)](https://oclif.io)\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)\n\n## Table of contents\n\n\u003c!-- toc --\u003e\n* [Install](#install)\n* [Usage](#usage)\n\u003c!-- tocstop --\u003e\n\nFor an introduction, read\n[Securing S3 buckets with s3audit](https://scalefactory.com/blog/2019/10/03/securing-s3-buckets-with-s3audit/)\n\n# Install\n\u003c!-- install --\u003e\nDownload and install the [latest release from GitHub](https://github.com/scalefactory/s3audit-ts/releases)\n\nOr install the NPM package:\n\n```sh-session\n$ npm install -g s3audit\n```\n\u003c!-- installstop --\u003e\n\n# Usage\n\u003c!-- usage --\u003e\n\n### Node\nAWS credentials will be taken from environment variables.\nIt is recommended to run this in combination with [AWS Vault](https://github.com/99designs/aws-vault)\n\n### Arguments\n```\ns3audit --bucket=s3-bucket=name\ns3audit --format=console\ns3audit --format=csv\ns3audit --enable-check=policy --enable-check=acl\ns3audit --disable-check=logging --enable-check=logging\n```\n\n### IAM Role\n\nYou should use a role which is allowed these actions for all buckets in your account:\n\n```\ns3:ListAllMyBuckets,\ns3:GetBucketAcl,\ns3:GetBucketLogging,\ns3:GetBucketPolicy,\ns3:GetBucketPublicAccessBlock,\ns3:GetBucketVersioning,\ns3:GetBucketWebsite,\ns3:GetEncryptionConfiguration\n```\n\n```sh-session\n$ aws-vault exec \u003cprofile\u003e -- s3audit\n\n  ❯ Checking 1 bucket\n    ❯ s3audit-demo\n      ❯ Bucket public access configuration\n        ✖ BlockPublicAcls is set to false\n        ✖ IgnorePublicAcls is set to false\n        ✖ BlockPublicPolicy is set to false\n        ✖ RestrictPublicBuckets is set to false\n      ✖ Server side encryption is not enabled\n      ✖ Object versioning is not enabled\n      ✖ MFA Delete is not enabled\n      ✔ Static website hosting is disabled\n      ✔ Bucket policy doesn't allow a wildcard entity\n      ✔ Bucket ACL doesn't allow access to \"Everyone\" or \"Any authenticated AWS user\"\n      ✖ Logging is not enabled\n```\n\n\u003c!-- usagestop --\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscalefactory%2Fs3audit-ts","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fscalefactory%2Fs3audit-ts","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscalefactory%2Fs3audit-ts/lists"}