
import json
import boto3
import time
import os
"""
- Ingest IAM access advisor data to an S3 bucket
- Lambda function should trigger from AWS event bridge in all the AWS regions
- This would copy the access analyzer findings to an S3 bucket.
nagwww / Top AMI
Last active September 29, 2017 23:07
============================================================================================================
Account ID | Owner | Total Number of AMIs
============================================================================================================
979382823631 https://bitnami.com | 105,061
679593333241 https://bitnami.com | 13,391
679593333241 AMI created by EC2 Automation | 1,181
679593333241 http://www.openvpn.net/ | 396
679593333241 http://bitnami.org | 354
679593333241 http://www.checkpoint.com/ | 354
679593333241 Brocade Virtual Traffic Manager | 156
# Dump, per region, every AMI whose launch permission is public
# (--executable-users all) into <region>_ami.json. These are images published
# by arbitrary accounts, so the output is an inventory for review, not a list
# of vetted images.
for region in \
    ap-south-1 eu-west-2 eu-west-1 ap-northeast-2 ap-northeast-1 \
    sa-east-1 ca-central-1 ap-southeast-1 ap-southeast-2 eu-central-1
do
    aws ec2 describe-images --executable-users all --region "$region" > "${region}_ami.json"
done
{
"Version": "2008-10-17",
"Id": "S3Policy",
"Statement": [
{
"Resource": "arn:aws:s3:::us-west-2-nag/*",
"Effect": "Allow",
"Sid": "AllowCorp",
"Action": "s3:*",
"Condition": {
{
"Version": "2008-10-17",
"Statement": [
{
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::us-west-2-nag",
"arn:aws:s3:::us-west-2-nag/*"],
"Effect": "Deny",
"Condition": {
{
"Version": "2012-10-17",
"Statement": [
{
"Resource": "arn:aws:s3:::us-west-2-nag/*",
"Effect": "Allow",
"Sid": "AllowVpcGetObject",
"Action": "s3:GetObject",
"Condition": {
"StringEquals": {
nagwww / object_putacl_readbyemail.py
Last active August 22, 2017 16:59
Grant read access to an object by email
#!/usr/bin/python
"""
- Author : Nag m
- Info : Grant read access to an object by email
- AWS CLI: aws s3api put-object-acl --bucket us-west-2.nag --key hello.txt --grant-read emailaddress=test@gmail.com
"""
import json
import boto3
acp = {
"Grants": [
import boto3
import sys
def get_session(account_number, role="S3Role"):
import boto3
session = boto3.session.Session()
sts = session.client('sts')
credentials = sts.assume_role(RoleArn='arn:aws:iam::{}:role/{}'.format(account_number, role),
RoleSessionName="NagHacks")
nagwww / twitter.conf
Created April 11, 2014 20:00
Twitter.conf
# Logstash input: follow the Twitter stream for Heartbleed-related tweets.
input {
twitter {
# NOTE(review): the four OAuth values below are literal credentials in a
# shared config file. Anything published this way should be treated as
# compromised: revoke and regenerate it at the provider, then supply the
# replacement via the Logstash keystore or an environment reference such as
# "${TWITTER_CONSUMER_SECRET}" (placeholder name) rather than a literal.
consumer_key => "PJdoMFcqcuhmoaDGJJi51Sv06"
consumer_secret => "toMRfMSUXOkymXaBc5jLSB9czV0lmt1y3NMd9BoN9BqGgLt881"
# Terms the twitter input tracks.
keywords => ["#heartbleed","heartbleed","heartbleed.com"]
oauth_token => "13113232-cMHGxFevoFKS6ii6xvr3UP8yLRuHb9daRr5zXAMRO"
oauth_token_secret => "4fVFiS6C2Qq2FJEMlKFrwoUqLYFcqiBuq291bGMFwGvL8"
# Tag and type attached to every event produced by this input.
tags => ["#heartbleed"]
type => "heartbleed"
}
nagwww / Test
Created March 10, 2014 03:00
Test
test