aws-well-architected-labs
prowler
aws-well-architected-labs | prowler | |
---|---|---|
4 | 25 | |
1,948 | 9,571 | |
0.7% | 1.5% | |
7.1 | 9.8 | |
19 days ago | 2 days ago | |
Python | Python | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
aws-well-architected-labs
-
AWS costs every programmer should know (2019)
AZs are connected via normal user visible networks, you can just break those. They even provide examples, https://github.com/awslabs/aws-well-architected-labs/tree/ma...
Those are basic (don't cover flapping or glacial-speed slowdown degradation modes etc) but a starting point at least.
-
Recommend Open Source Terraform Code deploying Azure / AWS / GCP - For me to read and learn
read up on aws well architected framework and you'll find github/gitlab code for terraform to follow this structure https://rst.software/blog/2020/08/the-5-pillars-of-the-aws-well-architected-framework-i-operational-excellence/ https://github.com/awslabs/aws-well-architected-labs
- awslabs/aws-well-architected-labs: Hands on labs and code to help you learn, measure, and build using architectural best practices.
-
Best practice and cost optimization
AWS Well architected labs: https://github.com/awslabs/aws-well-architected-labs
prowler
-
Cloud Security and Resilience: DevSecOps Tools and Practices
1. Prowler: https://github.com/prowler-cloud/prowler Prowler provides security best practices assessments, audits, incident response readiness, and continuous monitoring for AWS environments.
-
Ask HN: Cloud security auditing for indie-grade projects?
Which cloud provider?
https://github.com/prowler-cloud/prowler is easy to get going with, and gives decent results. It's much stronger at AWS than GCP or Azure.
Steampipe can be a little harder to wrap your head around, but scales really well and has broader support: https://hub.steampipe.io/mods?objectives=security
-
Automating AWS Prowler Scans
Task Role: Select or create a new role that has the necessary permissions. Ensure this role has the three required Prowler policies and an additional custom policy to put objects into the desired S3 bucket.
-
Azure and M365 Secure Config Review
Prowler and ScoutSuite are a good start for cloud stuff.
- AWS Account - Analysis
-
Open source alternative cloud security tool that works like Wiz/Lacework/Aqua
Yes! There are open source cloud security tools! Here are some open source tools out there: steampipe, prowler, cloudquery, and ZeusCloud.
-
CSPM opensource suggestions
If AWS is in use then i would add prowler to the list - https://github.com/prowler-cloud/prowler This is the best open source cspm for aws.
-
Practical way for security assestment in AWS with Prowler
More info you can find it at Prowler Github and Prowler Docs
- AWS Security Scanner
-
Opensource equivalent of Sailpoint
You’re not going to find a shiny enterprise web ui for free but there are tools out there. If you just want to review AWS accounts, you can use prowler https://github.com/prowler-cloud/prowler
What are some alternatives?
pacu - The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
ScoutSuite - Multi-Cloud Security Auditing Tool
cloudmapper - CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
bless - Repository for BLESS, an SSH Certificate Authority that runs as a AWS Lambda function
steampipe-mod-aws-compliance - Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.
chaostoolkit - Chaos Engineering Toolkit & Orchestration for Developers
terraform-aws-secure-baseline - Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
siem-on-amazon-opensearch-service - A solution for collecting, correlating and visualizing multiple types of logs to help investigate security incidents.
opencspm - Open Cloud Security Posture Management Engine
handbook.vantage.sh - The Cloud Cost Handbook is a free, open-source, community-supported set of guides meant to help explain often-times complex pricing of public cloud infrastructure and service providers in plain english.
CIS-Ubuntu-20.04-Ansible - Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation