Created
November 7, 2019 03:48
-
-
Save makash/62c6e60d08c527202c088f745bb2923c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# If you have multiple AWS credentials added export the profile to use, my profile name is addo2019 | |
export AWS_PROFILE=addo2019 | |
# Ideally provide a default region for AWS, my default region is us-east-1 | |
export AWS_DEFAULT_REGION=us-east-1 | |
# A easy command to enumerate public S3 buckets is slurp (https://github.com/hehnope/slurp/releases) | |
slurp internal | |
# slurp has other modes you can try out | |
slurp --help | |
# Running cloud custodian in a python virtualenv | |
# run is the sub command to execute a policy | |
# -s to provide a directory to store the output of the command | |
# /path/to/the/policy | |
# custodian run -s /path/to/output/directory /path/to/policy | |
# Policy used is available here as a gist - https://gist.github.com/makash/0d969155e2f4de04bae5267f2f1c8a3c | |
custodian run -s output/s3-remove-public-buckets-output custodian-policies/s3-remove-public-buckets.yml | |
# Get tags for a bucket provide the correct bucket name | |
aws s3api get-bucket-tagging --bucket <bucket name> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment