Various AWS Automation Scripts
A collection of shell scripts for automating various security tasks with Amazon Web Services.
You will need the AWS-CLI installed and configured to make this work correctly.
WAF/WAF.SH: Creates a WAF using cloud formation and a rules template.
ACM/acmdigicert.sh: Creates Digicert TLS certificates using their API and uploads them to ACM.
Cloudfront/quickaudit.sh: Quickly audits CloudFront for WAF, Logging, TLS and HTTP Only usage.
EC2/noingress.sh: Lists all in-use security groups that allow 0.0.0.0/0 for your inspection.
EC2/notused.sh: Lists all unused security groups that can likely be removed.
EC2/instances.sh: Lists all EC2 Instances in all AvailabilityZones.
EC2/SecurityGroups/addssh.sh: Adds rule to allow SSH access from your current public IP address.
EC2/SecurityGroups/removessh.sh: Removes rules allowing SSH access from your current public IP address.
GuardDuty/enale.sh: Enables GuardDuty in all available regions.
GuardDuty/findings.sh: Exports all GuardDuty findings to .json files.
S3/policies.sh: Lists all ACLs for S3 buckets in your account.
IAM/EC2USEastOnly.json: IAM policy that only allows EC2 instances in US-East-1.
IAM/userreport.sh: Downloads the credential report for for all configured profiles in ~/.aws/credentials.
I likely dont know what I am doing and this could be done faster, better and simpler some other way. These scripts could also break your cloud and make you cry.