Security framework and auditing tool for monitoring and analyzing security configurations across multiple environments
This project is still unstable and, thus, not production-ready. Breaking changes may be introduced to the API or the CLI.
- Check EC2 configurations
- Check EC2 instances with public IPs in all regions.
- Check Security Group policies (e.g. inbound 0.0.0.0/0) in all regions.
- Check IAM configurations (e.g. disabled MFAs, inactive users).
- Check S3 configurations (e.g. public buckets).
- Check RDS configurations
Note: You will need dep to install dependencies: go get -u github.com/golang/dep/cmd/dep
-
API
go get github.com/petermbenjamin/orthrus cd $GOPATH/src/github.com/petermbenjamin/orthrus && dep ensure
-
CLI
go get github.com/petermbenjamin/orthrus/cmd/orthrus
-
Docker
docker run --rm -it -v "$HOME/.orthrus:/root/.orthrus" petermbenjamin/orthrus
$ orthrus --help
usage: orthrus [<flags>] <command> [<args> ...]
A security framework and auditing tool for monitoring, analyzing, and alerting on security configurations across multiple environments.
Flags:
--help Show context-sensitive help (also try --help-long and --help-man).
--version Show application version.
-c, --config=CONFIG Path to config file.
--debug Enable debug mode.
--report Report violations
Commands:
help [<command>...]
Show help.
ec2 instances
Check EC2 Instances
ec2 sg
Check Security Group
iam mfa [<flags>]
Check IAM MFA Policies
iam user [<flags>]
Check IAM User Policies
s3
Check S3 Policies.
- See sample configuration file.
orthrusneeds read-only privileges to all AWS services (e.g. EC2, S3, IAM ...etc).
- Use Cobra CLI library instead of kingpin
- Add tests
- Dockerize
- Improve logging
MIT © Peter Benjamin