AWS security scans with Scout2
Dig Deep
A Thunder of Hippos
Now for the moment of truth: You can run your sophisticated AWS auditing tool over the AWS collective with the command:
$ Scout2 --profile <name-in-AWS-cred-file> --service iam --regions eu-west-1
First, however, replace <name-in-AWS-cred-file> with the profile name from your ~/.aws/credentials file, which is the section header without its brackets (e.g., [default] becomes default), and you might need to change your --regions argument if you're not using Dublin, Ireland, as I was.
The resulting report, assuming your browser doesn't open automatically, is found in the file ~/scout2-report/report.html or, if you're root, /root/scout2-report/report.html.
Because I usually run this as root, I tend to copy and chown the whole scout2-report/ directory into my non-privileged user's home directory before clicking on the HTML report, which should pop up in a browser.
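The steps above (check the profile name against ~/.aws/credentials, run Scout2, then hand the report directory to an unprivileged user) wrapped into a small POSIX shell script; this is an added example, not code from the article or from the Scout2 project, and it assumes Scout2 is on PATH and that getent is available.

```shell
#!/bin/sh
# Added wrapper around the Scout2 invocation described in the article.
# Assumptions: Scout2 is on PATH; the invoking user's credentials live in
# ~/.aws/credentials; getent is available for the user lookup.
set -eu

# Return 0 if a section such as "[default]" exists in a credentials file.
# The value passed to --profile is that section name without the brackets.
profile_exists() {
  creds="$1"; profile="$2"
  grep -q "^\[$profile\]" "$creds"
}

# Where Scout2 writes its report for a given home directory
# (/root/scout2-report/report.html when run as root).
report_path() {
  printf '%s/scout2-report/report.html\n' "$1"
}

# Run the audit with the flags used in the article; refuse to start if the
# profile is not defined, rather than letting Scout2 fail part-way through.
run_audit() {
  profile="$1"; region="$2"; service="${3:-iam}"
  creds="$HOME/.aws/credentials"
  profile_exists "$creds" "$profile" || {
    echo "profile [$profile] not found in $creds" >&2; return 1; }
  Scout2 --profile "$profile" --service "$service" --regions "$region"
}

# Copy the report out of the current (typically root) home directory and give
# it to an unprivileged user, so the browser opening it never runs as root.
handover_report() {
  user="$1"
  src="$(report_path "$HOME")"
  [ -f "$src" ] || { echo "no report at $src; did Scout2 fail?" >&2; return 1; }
  dest_home="$(getent passwd "$user" | cut -d: -f6)"
  [ -n "$dest_home" ] || { echo "unknown user: $user" >&2; return 1; }
  cp -r "$(dirname "$src")" "$dest_home/"
  chown -R "$user" "$dest_home/scout2-report"
  report_path "$dest_home"
}

# Usage (as root): run_audit default eu-west-1 iam && handover_report alice
```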
Figure 5 shows my report, with the account number redacted for security reasons; the massive number of AWS services is also truncated.
I'm going to leave you to explore the detail offered by the prodigious security tool that is Scout2. Ideally, you should spend some time familiarizing yourself with how AWS grades its security advisories and, more importantly, how you can remediate them. Because of the multitude of AWS services now on offer, there's simply too much to cover here.
To whet your appetite, check out Figure 6, my IAM report dashboard, and Figure 7, a redacted report from another section with a higher level of detail.
The End
Once you've reviewed your results, I hope you will agree that the Scout2 reports are genuinely comprehensive and allow you to drill down into each section to gain some very useful details on the issues that require fixing. Because the NCC Scout2 tool is actively maintained and used by NCC, it's a good bet that additional AWS features and services will be added in the future to keep it current.
When such excellent security tools exist, you have little excuse not to know about the issues that affect your AWS cloud infrastructure, even if you're reluctant to fix some of them.
I trust you will find Scout2 as valuable in keeping your services running round the clock as I do.
Infos
- NCC Group: https://www.nccgroup.trust
- Cloud Industry Forum: https://www.cloudindustryforum.org/content/uk-cloud-adoption-rate-reaches-88-finds-new-research-cloud-industry-forum
- NCC GitHub page: https://github.com/nccgroup/Scout2
- IAM policy: https://github.com/nccgroup/AWS-recipes/blob/master/IAM-Policies/Scout2-Default.json
- EPEL: https://fedoraproject.org/wiki/EPEL
- AWS docs: https://docs.aws.amazon.com/cli/latest/userguide/installing.html
- awscli path: https://docs.aws.amazon.com/cli/latest/userguide/awscli-install-linux.html#awscli-install-linux-path
- Credentials docs: https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/setup-credentials.html