https://github.com/uptake/cloudbouncer
A repository of tools created by Uptake's Cloud Security team for security and compliance enforcement at scale
https://github.com/uptake/cloudbouncer
Last synced: 12 months ago
JSON representation
A repository of tools created by Uptake's Cloud Security team for security and compliance enforcement at scale
- Host: GitHub
- URL: https://github.com/uptake/cloudbouncer
- Owner: uptake
- License: bsd-3-clause
- Created: 2018-02-21T23:57:04.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2018-11-01T22:44:30.000Z (over 7 years ago)
- Last Synced: 2025-06-19T01:36:12.565Z (about 1 year ago)
- Language: Python
- Size: 59.6 KB
- Stars: 16
- Watchers: 4
- Forks: 1
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# cloudbouncer
A series of command line tools to used by the Uptake Cloud Security team to scale our security configurations
Written in Python 2.7, using the AWS Python SDK Boto3
## s3-encryption
Get to 100% S3 encryption at rest for an arbitrary number of existing and future accounts, buckets, and objects
Includes:
- s3-bucket-configuration-bot: a cloudwatch-triggered lambda bot that checks every new or changed bucket in your account and ensure it is encrypted, has inventory enabled, and is not public
- s3-bucket-default-encryption: a CLI tool to audit all existing buckets in your accounts to check that they have default encryption policies
- s3-bucket-inventory-policy: a CLI tool to audit all existing buckets in your accounts to check that they have S3 inventory policies
- s3-object-encryption-cleanup: a CLI tool to encrypt existing objects in your buckets
## network-map
Build a logical model of your AWS networks and simulate connectivity to debug / check configurations across the various AWS network configurations