ollionorg / cloud-custodian-aws-policies
CloudCustodian Rules engine for cloud security and governance, DSL in yaml for policies to query, filter, and take actions on resources
☆16 · Updated last year
Related projects:
- Awesome AWS service control policies (SCPs) ☆17 · Updated 3 weeks ago
- ☆21 · Updated last year
- Configure and deploy AWS Security Hub. ☆15 · Updated last year
- Terraform module to provision Service Control Policies (SCP) for AWS Organizations, Organizational Units, and AWS accounts ☆47 · Updated last week
- Terraform module to suppress specific events from Security Hub based on a DynamoDB-based configuration. ☆16 · Updated last week
- ☆13 · Updated 7 months ago
- Implements OPA-based preventive security controls for AWS Infrastructure using Terraform Infrastructure as Code (IaC), that can establish… ☆34 · Updated 9 months ago
- A GitHub action that runs terratest tests within the repo ☆10 · Updated last week
- ☆37 · Updated 3 years ago
- The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the… ☆40 · Updated last year
- SSH-Restricted deploys an SSH compliance rule (AWS Config) with auto-remediation via AWS Lambda if SSH access is public. ☆30 · Updated 3 years ago
- To clean up your AWS AMIs: First, include AMIs by name or tag. Second, exclude AMIs in use, younger than N days, or the newest N images. … ☆33 · Updated last month
- A cloud security tool to search and clean up unused AWS access keys, written in Go. ☆49 · Updated 2 years ago
- Run compliance and security controls to detect Terraform AWS resources deviating from security best practices prior to deployment using P… ☆24 · Updated 6 months ago
- Slack alert bot for matching GitHub Audit Events ☆10 · Updated 3 weeks ago
- A library of example Spacelift policies ☆42 · Updated last week
- ☆23 · Updated this week
- Useful scripts for maintaining multiple AWS Accounts ☆42 · Updated 5 months ago
- Cloud governance reports from native services in a clear and readable digest ☆28 · Updated 11 months ago
- Validate all your Customer IAM Policies against AWS Access Analyzer - Policy Validation ☆42 · Updated 3 years ago
- This project provides an example of how you can use the combination of AWS Systems Manager Session Manager and Amazon EC2 Instance Conne… ☆35 · Updated last year
- ☆41 · Updated 9 months ago
- This project provides a solution to AWS customers for reporting on what tags exist, the resources they are applied to, and what resource… ☆20 · Updated 6 months ago
- Tag instances & databases with cron-style stop/start schedules to cut AWS costs. Also schedule EBS, EC2 & RDS backups, plus CloudFormatio… ☆35 · Updated last year
- ☆26 · Updated 2 months ago
- Combines AWS Organizations Service Control Policies (SCP) ☆50 · Updated 5 months ago
- Example code for setting up CIS Benchmarks using EventBridge ☆19 · Updated 2 years ago
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest. ☆58 · Updated 11 months ago
- A collection of useful queries that can be used to verify compliance/security across your AWS assets ☆31 · Updated 5 years ago
- Crowdsourced list of sensitive IAM Actions ☆132 · Updated last week