AWS Scripts

Various AWS Automation Scripts

A collection of shell scripts for automating various security tasks with Amazon Web Services.
You will need the AWS-CLI installed and configured to make this work correctly.

Scripts

WAF/WAF.SH: Creates a WAF using cloud formation and a rules template.

ACM/acmdigicert.sh: Creates Digicert TLS certificates using their API and uploads them to ACM.

Cloudfront/quickaudit.sh: Quickly audits CloudFront for WAF, Logging, TLS and HTTP Only usage.

EC2/noingress.sh: Lists all in-use security groups that allow 0.0.0.0/0 for your inspection.

EC2/notused.sh: Lists all unused security groups that can likely be removed.

EC2/instances.sh: Lists all EC2 Instances in all AvailabilityZones.

EC2/SecurityGroups/addssh.sh: Adds rule to allow SSH access from your current public IP address.

EC2/SecurityGroups/removessh.sh: Removes rules allowing SSH access from your current public IP address.

GuardDuty/enale.sh: Enables GuardDuty in all available regions.

GuardDuty/findings.sh: Exports all GuardDuty findings to .json files.

S3/policies.sh: Lists all ACLs for S3 buckets in your account.

IAM/EC2USEastOnly.json: IAM policy that only allows EC2 instances in US-East-1.

IAM/userreport.sh: Downloads the credential report for for all configured profiles in ~/.aws/credentials.

Important Notice

I likely dont know what I am doing and this could be done faster, better and simpler some other way. These scripts could also break your cloud and make you cry.