Skip to content
/ aws-role_credentials_leakage_monitor Public

Monitors if the AWS role credentials set on any of the EC2 instances are compromised

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

EbryxLabs/aws-role_credentials_leakage_monitor

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
LICENSE
LICENSE
 
 
Readme.md
Readme.md
 
 
requirements.txt
requirements.txt
 
 
role_credentials_leakage.py
role_credentials_leakage.py
 
 

Repository files navigation

Description:

A script that runs on the Cloudtrail logs in Elasticsearch
Determines, whether the role credentials setup on an EC2 instance have been compromised

Requirements:

Install python3 libraries mentioned in 'requirements.txt'
Require access to Elasticsearch cluster
Setup an incoming webhook for a Slack channel
Requires a role or AWS Access key with IAM permission to: 
	ec2:DescribeNetworkInterfaces
	ec2:DescribeAddresses

Execution:

Point the script to the CloudTrail Index in Elasticsearch cluster to execute it
Pass Slack incoming webhook to the script
Read '-h' options of the script for execution examples

About

Monitors if the AWS role credentials set on any of the EC2 instances are compromised

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages