Various AWS Automation Scripts
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
ACM
Cloudfront
EC2
GuardDuty
IAM
S3
WAF
LICENSE
README.md

README.md

AWS Scripts

Various AWS Automation Scripts

A collection of shell scripts for automating various security tasks with Amazon Web Services.
You will need the AWS-CLI installed and configured to make this work correctly.

Scripts

WAF/WAF.SH: Creates a WAF using cloud formation and a rules template.

ACM/acmdigicert.sh: Creates Digicert TLS certificates using their API and uploads them to ACM.

Cloudfront/quickaudit.sh: Quickly audits CloudFront for WAF, Logging, TLS and HTTP Only usage.

EC2/noingress.sh: Lists all in-use security groups that allow 0.0.0.0/0 for your inspection.

EC2/notused.sh: Lists all unused security groups that can likely be removed.

EC2/instances.sh: Lists all EC2 Instances in all AvailabilityZones.

EC2/SecurityGroups/addssh.sh: Adds rule to allow SSH access from your current public IP address.

EC2/SecurityGroups/removessh.sh: Removes rules allowing SSH access from your current public IP address.

GuardDuty/enale.sh: Enables GuardDuty in all available regions.

GuardDuty/findings.sh: Exports all GuardDuty findings to .json files.

S3/policies.sh: Lists all ACLs for S3 buckets in your account.

IAM/EC2USEastOnly.json: IAM policy that only allows EC2 instances in US-East-1.

IAM/userreport.sh: Downloads the credential report for for all configured profiles in ~/.aws/credentials.

Important Notice

I likely dont know what I am doing and this could be done faster, better and simpler some other way. These scripts could also break your cloud and make you cry.