Coder Social home page Coder Social logo

abdennebi-forks / aws-account-automation Goto Github PK

View Code? Open in Web Editor NEW

This project forked from primeharbor/aws-account-automation

0.0 0.0 0.0 169 KB

Tools to help automate your AWS Accounts

License: Apache License 2.0

Shell 8.84% Python 85.38% Makefile 0.87% HCL 4.91%

aws-account-automation's Introduction

aws-account-automation

Tools to Automate your AWS Account

  • AccountAlertTopics will create three SNS Topics (Critical, Error, Info) and stack export them to be used in other templates. It can optionally deploy a lambda that will push the published messages to a slack channel

  • AuditRole creates a generic security auditor role for an account. QuickLink Deploy

  • BillingBucket creates a bucket in your payer account for billing reports and applies the appropriate Bucket Policy. QuickLink Deploy

  • CloudTrailTemplate creates a CloudTrail following industry best practices. It creates the S3 bucket, a Customer Managed Key for the events, enables log validation and multi-region support and will send events to CloudWatch Logs. QuickLink Deploy

  • CloudWatchAlarmsForCloudTrailAPIActivity Deploys multiple CloudWatch Alarms for CloudTrail events that happen in your account. Requires CloudTrail to be feeding a LogGroup and the AccountAlertTopics stack to be deployed. QuickLink Deploy

  • EBSAutomatedTagging - probably not useful since AWS will autotag EBS volumes now

  • IAM-ExpireUsers - Work in progress to automatically handle users that have not changed their password or rotated access keys

  • requireMFA will deploy a IAM User Group and Lambda that will prevent users without MFA from doing anything in the account

  • SESRuleToSlack Creates and SES Email receiving rule/rulset to accept all email for a domain, invoke a lambda function that sends a summary of the email to Slack. Useful for when you might get an important notice, but you don't really need to interact from a domain.

โ— Also check out the aws-fast-fixes python scripts for manual security fixes for your account! โ—

Hosting

The most recent version of all these templates are hosted in S3 for Easy Deployment.

Directly callable URLS:

S3 Paths:

  • s3://pht-cloudformation/aws-account-automation/AWSCloudFormationStackSetRoles-Template.yaml
  • s3://pht-cloudformation/aws-account-automation/AWSConfigAggregator-Template.yaml
  • s3://pht-cloudformation/aws-account-automation/AWSConfigRecorder-StackSetTemplate.yaml
  • s3://pht-cloudformation/aws-account-automation/AWSConfigRecorder-Template.yaml
  • s3://pht-cloudformation/aws-account-automation/AccountAlertTopics-Template.yaml
  • s3://pht-cloudformation/aws-account-automation/AuditRole-StackSetTemplate.yaml
  • s3://pht-cloudformation/aws-account-automation/AuditRole-Template.yaml
  • s3://pht-cloudformation/aws-account-automation/BillingBucket-Template.yaml
  • s3://pht-cloudformation/aws-account-automation/BillingMetrics-Template-Transformed.yaml
  • s3://pht-cloudformation/aws-account-automation/BillingMetrics-Template.yaml
  • s3://pht-cloudformation/aws-account-automation/CloudTrail-Template.yaml
  • s3://pht-cloudformation/aws-account-automation/CloudTrailConfigBucket-Template.yaml
  • s3://pht-cloudformation/aws-account-automation/CloudWatchAlarmsForCloudTrailAPIActivity-Template.yaml
  • s3://pht-cloudformation/aws-account-automation/EBSAutomatedTagging.yaml
  • s3://pht-cloudformation/aws-account-automation/GuardDuty-to-Slack-StackSetTemplate.yaml
  • s3://pht-cloudformation/aws-account-automation/GuardDuty-to-Slack-Template.yaml
  • s3://pht-cloudformation/aws-account-automation/IAM-ExpireUsers-Template.yaml
  • s3://pht-cloudformation/aws-account-automation/OrgCloudTrail-Template.yaml
  • s3://pht-cloudformation/aws-account-automation/requireMFA-Template.yaml
  • s3://pht-cloudformation/aws-account-automation/SESRuleToSlack-Template.yaml

aws-account-automation's People

Contributors

jchrisfarris avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.