AWS 점검 스크립트 CSPM

AWS 점검 스크립트 CSPM – BASH 기반 AWS 보안 점검 스크립트





 

AWS 자동화 점검 스크립트

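#!/bin/bash
# AWS CSPM check script: enumerates IAM users, EC2 instances and security groups
# and prints one Good/Bad line per resource for each check below.
# Requires the AWS CLI (IAM/EC2 read access) and jq on PATH.
# A CLI failure is reported per resource as "Check Failed" rather than being
# silently scored as "Good" (an empty result used to look like a pass).

User_List=$(aws iam list-users | jq -r '.Users[]|.UserName')
EC2_List=$(aws ec2 describe-instances | jq -r '.Reservations[]|.Instances[].InstanceId')
Security_Group=$(aws ec2 describe-security-groups | jq -r '.SecurityGroups[]|.GroupId')

# Split the newline-separated user list into an array without the IFS round-trip;
# the unquoted ($User_List) expansion was also subject to glob expansion.
UUser_List=()
if [[ -n "$User_List" ]]; then
  mapfile -t UUser_List <<<"$User_List"
fi

printf '%s\n' " ##### 11111 Admin Policy assignment ##### "
for value in "${UUser_List[@]}"; do
  # Keep the whole CLI output as one string: the array assignment plus "$result"
  # only inspected the first word of the JSON, so the policy names were never seen.
  if ! result=$(aws iam list-attached-user-policies --user-name "$value"); then
    printf '%s\n' "$value Account Check Failed (list-attached-user-policies)"
    continue
  fi
  # Only directly attached managed policies are inspected here; inline policies
  # and policies inherited through group membership are not covered.
  if [[ "$result" == *"AdministratorAccess"* || "$result" == *"IAMFullAccess"* ]]; then
    printf '%s\n' "$value Account Bad"
  else
    printf '%s\n' "$value Account Good"
  fi
done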
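# UUser_List is built once at the top of the script and reused here.
printf '\n\n'
printf '%s\n' " ##### 22222 IAM User name tag ##### "
for value in "${UUser_List[@]}"; do
  if ! raw=$(aws iam list-user-tags --user-name "$value"); then
    printf '%s\n' "$value Account Check Failed (list-user-tags)"
    continue
  fi
  # Count the tags with jq instead of looking for the substrings "Key"/"Value"
  # in the raw JSON; an untagged user still returns a (possibly empty) Tags array.
  tag_count=$(jq '.Tags | length' <<<"$raw")
  if (( tag_count > 0 )); then
    printf '%s\n' "$value Account Good"
  else
    printf '%s\n' "$value Account Bad"
  fi
done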
###############################
###############################
###############################





 

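# Split the newline-separated instance id list without the IFS round-trip.
EEC2_List=()
if [[ -n "$EC2_List" ]]; then
  mapfile -t EEC2_List <<<"$EC2_List"
fi
printf '\n\n'
printf '%s\n' " ##### 33333 EC2 Instance Key Pair assignment ##### "
for value in "${EEC2_List[@]}"; do
  # describe-instances takes --instance-ids (plural).
  if ! raw=$(aws ec2 describe-instances --instance-ids "$value"); then
    printf '%s\n' "EC2 Instance ID  $value  Key Pair assignment Check Failed"
    continue
  fi
  result=$(jq -r '.Reservations[]|.Instances[].KeyName' <<<"$raw")
  # Test the key name, not the instance id: the loop variable is never empty,
  # so the old [ -z "$value" ] test reported every instance as Good.
  # jq -r prints "null" when KeyName is absent, so treat that as missing too.
  if [[ -z "$result" || "$result" == "null" ]]; then
    printf '%s\n' "EC2 Instance ID  $value  Key Pair assignment Bad"
  else
    printf '%s\n' "EC2 Instance ID  $value  Key Pair assignment Good"
  fi
done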
###############################
###############################
###############################





 

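printf '\n\n'
printf '%s\n' " ##### 44444 Account MFA Config ##### "
for value in "${UUser_List[@]}"; do
  if ! raw=$(aws iam list-mfa-devices --user-name "$value"); then
    printf '%s\n' "$value Account MFA Authentication Check Failed"
    continue
  fi
  result=$(jq -r '.MFADevices[]|.SerialNumber' <<<"$raw")
  # Any registered device counts. Matching the substring "mfa" only works for
  # virtual-MFA ARNs (...:mfa/NAME); hardware token serials do not contain it.
  # Users without a console password (see get-login-profile) are still
  # reported Bad here; this check does not distinguish them.
  if [[ -n "$result" ]]; then
    printf '%s\n' "$value Account MFA Authentication Good "
  else
    printf '%s\n' "$value Account MFA Authentication Bad "
  fi
done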
###############################
###############################
###############################





 

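# Split the newline-separated security group id list without the IFS round-trip;
# the unquoted ($Security_Group) expansion was also subject to glob expansion.
SSecurity_Group=()
if [[ -n "$Security_Group" ]]; then
  mapfile -t SSecurity_Group <<<"$Security_Group"
fi
printf '\n\n'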





 

echo -e ” ##### 55555 Security-Groups Config ##### ”
for value in “${SSecurity_Group[@]}”;
do
result=($(aws ec2 describe-security-groups –group-ids $value | jq -r ‘.SecurityGroups[]|.IpPermissions[]|.IpRanges[]|.CidrIp’))
result1=($(aws ec2 describe-security-groups –group-ids $value | jq -r ‘.SecurityGroups[]|.IpPermissions[]|.FromPort’))
result2=($(aws ec2 describe-security-groups –group-ids $value | jq -r ‘.SecurityGroups[]|.IpPermissions[]|.ToPort’))
#result=($(aws ec2 describe-security-groups | jq -r ‘.SecurityGroups[]|.IpPermissions[]|.IpRanges[]|.CidrIp’))
echo -e ” Security Group $value src ip $result FromPort $result1 ToPort $result2″





 
