Last active
December 16, 2020 15:50
-
-
Save immanuelpotter/716b37fd941cff092d6ff59b931975f6 to your computer and use it in GitHub Desktop.
aws-securityhub-export-findings
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Reads a list of profile names from a file in the local directory. Example provided. | |
| set -e | |
| # If a profiles.txt file doesn't exist in the current dir, fail. | |
| [[ -f profiles.txt ]] && echo "profiles.txt found, continuing..." || echo "Please provide a profiles.txt with profile names separated by new lines." | |
| today=$(date -I) | |
| while read -r profile_name ; do | |
| mkdir -p findings/${today}/${profile_name} | |
| for SEVERITY_LEVEL in CRITICAL HIGH MEDIUM LOW ; do | |
| for STATUS in FAILED WARNING ; do | |
| aws --profile $profile_name securityhub get-findings \ | |
| --filter 'SeverityLabel={Value='${SEVERITY_LEVEL}',Comparison=EQUALS},ComplianceStatus={Value='${STATUS}',Comparison=EQUALS}' \ | |
| --max-items=1000 >> findings/${today}/${profile_name}/${SEVERITY_LEVEL}.findings | |
| done | |
| done | |
| done < profiles.txt | |
| set +e |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| blah-aws-dev-admin | |
| blah-aws-prod-admin | |
| blah-aws-log-admin | |
| blah-aws-sec-admin |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment