{"id":20857403,"url":"https://github.com/unbounce/paw","last_synced_at":"2025-07-25T07:36:11.452Z","repository":{"id":64307819,"uuid":"126396153","full_name":"unbounce/paw","owner":"unbounce","description":"Privileged Access Watcher: Notifies Slack channels when a member is added to/removed from an IAM group.","archived":false,"fork":false,"pushed_at":"2023-09-28T16:22:50.000Z","size":1813,"stargazers_count":1,"open_issues_count":4,"forks_count":1,"subscribers_count":10,"default_branch":"master","last_synced_at":"2025-01-19T07:13:54.484Z","etag":null,"topics":["owner-platform-services"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/unbounce.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-03-22T21:17:14.000Z","updated_at":"2024-04-25T19:15:31.000Z","dependencies_parsed_at":"2023-09-28T18:14:57.905Z","dependency_job_id":null,"html_url":"https://github.com/unbounce/paw","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/unbounce%2Fpaw","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/unbounce%2Fpaw/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/unbounce%2Fpaw/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/unbounce%2Fpaw/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/unbounce","download_url":"https://codeload.github.com/unbounce/p
aw/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243230061,"owners_count":20257640,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["owner-platform-services"],"created_at":"2024-11-18T04:38:39.265Z","updated_at":"2025-03-12T13:44:27.557Z","avatar_url":"https://github.com/unbounce.png","language":"Go","readme":"# PAW: Privileged Access Watcher\n\nThe goal of this project is to watch privileged IAM groups in AWS\nfor membership additions and deletions, then notify a specific Slack\nchannel for visibility and notification to the affected person.\n\nAll of this is accomplished in an automated fashion, with a reaction\ntime of 1-2 minutes after the membership event occurs.  This relies on\na CloudWatch Event Rule, Lambda function, and Slack Incoming Webhook.\n\nWhen a user is added to a group, the following Slack message appears in a\nchannel:\n\n![Adding a Group Member Notification](extras/examples/add-group-member.png)\n\nConversely, when a user is removed from a group, the following message\nappears:\n\n![Removing a Group Member Notification](extras/examples/remove-group-member.png)\n\n## Launching the Project\n\nSince the IAM component being monitored is a global resource, the\nAWS resources are all created in one region.\n\n1. Deploy the IAM resources.\n\n  Run `make deploy-iam-stack` and follow the prompts.\n\n1. Store the Slack Webhook URL in SSM Parameter Store.\n\n  Run `make init-ssm` and follow the prompts.\n\n1. Deploy the code resources.\n\n  Run `make deploy-code-stack` and follow the prompts.\n\n1. 
Prepare the Lambda function for code deployment.\n\n  Run `make prepare-code-stack` and follow the prompts.\n\n1. Deploy the code.\n\n  Run `make deploy-code` and follow the prompts.\n\nThe code deploy step can happen as often as needed, while the \ninfrastructure stack will rarely be updated.  If the infrastructure\ndoes need to be updated, it is best to use CloudFormation Change Sets\nto control the update and enforce change management.\n\n## Custom Slack Emojis\n\nThis project uses custom Slack emojis to personalize the messages sent\nto Slack.  You can find the custom emojis in the\n[extras/emojis](extras/emojis) directory.  Customize your Slack emojis\nby uploading the PNG files with the names specified in\n[constants.go](constants.go).\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funbounce%2Fpaw","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Funbounce%2Fpaw","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funbounce%2Fpaw/lists"}