AWS Security Automation is a project designed to enhance cloud security by automating security monitoring, misconfiguration detection, and threat response within AWS environments. This project leverages AWS-native services, Python scripts, and security best practices to provide an automated security framework.
- Automated Security Monitoring: Real-time monitoring of AWS resources for security threats.
- Misconfiguration Detection: Identifies misconfigured AWS services such as open S3 buckets, overprivileged IAM roles, and security group vulnerabilities.
- Threat Detection: Uses AWS CloudTrail, GuardDuty, and custom Python scripts to detect anomalous activities.
- Auto-Remediation: Triggers Lambda functions to remediate security risks automatically.
- Compliance Reporting: Generates security compliance reports for AWS resources.
- AWS Services:
  - AWS Lambda
  - AWS CloudWatch
  - AWS IAM
  - AWS S3
  - AWS WAF
  - AWS GuardDuty
  - AWS Config
  - AWS Security Hub
- Programming Languages:
  - Python
  - Boto3 (AWS SDK for Python)
- Clone the repository:
  ```bash
  git clone https://github.com/Himangshu30/AWS-Security-Automation.git
  cd AWS-Security-Automation
  ```
- Install dependencies:
  ```bash
  pip install -r requirements.txt
  ```
- Configure AWS credentials:
  ```bash
  aws configure
  ```
- Deploy the automation scripts using AWS Lambda or EC2.
- Run security checks manually:
  ```bash
  python security_checker.py
  ```
- Deploy automated monitoring using AWS Lambda:
  - Upload the Lambda function script.
  - Configure necessary IAM roles and policies.
- View security reports in AWS Security Hub.
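The misconfiguration checks listed above (open S3 buckets, overprivileged IAM roles, security group vulnerabilities) can be written as pure functions over the dictionaries boto3 returns. This is an added example, not code from this repository's `security_checker.py`; the function names, the sensitive-port list and the sample data are assumptions made for illustration.

```python
# Added example: offline misconfiguration checks over boto3-shaped responses.
SENSITIVE_PORTS = (22, 3389)  # assumption: SSH and RDP are treated as sensitive
PAB_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
             "BlockPublicPolicy", "RestrictPublicBuckets")

def _as_list(value):
    """IAM policy JSON allows a single item or a list for most fields."""
    return value if isinstance(value, list) else [value]

def open_ingress(security_groups):
    """Yield (group_id, port) for sensitive ports reachable from any address.
    Input: the "SecurityGroups" list from ec2.describe_security_groups()."""
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            cidrs = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
            cidrs += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
            if "0.0.0.0/0" not in cidrs and "::/0" not in cidrs:
                continue
            proto = perm.get("IpProtocol")  # "-1" means all traffic, no port keys
            for port in SENSITIVE_PORTS:
                in_range = perm.get("FromPort", -1) <= port <= perm.get("ToPort", -1)
                if proto == "-1" or (proto in ("tcp", "udp") and in_range):
                    yield sg["GroupId"], port

def wildcard_statements(policy_document):
    """Return Allow statements that grant every action on every resource."""
    return [s for s in _as_list(policy_document.get("Statement", []))
            if s.get("Effect") == "Allow"
            and "*" in _as_list(s.get("Action", []))
            and "*" in _as_list(s.get("Resource", []))]

def bucket_unprotected(pab_config):
    """True when any S3 Block Public Access flag is off or missing.
    Input: "PublicAccessBlockConfiguration", or None if the bucket has none."""
    cfg = pab_config or {}
    return not all(cfg.get(flag) is True for flag in PAB_FLAGS)

# Constructed sample data, shaped like the boto3 responses named above.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0example1", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0example2", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]}]
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "*", "Resource": "*"},
    {"Effect": "Allow", "Action": ["s3:GetObject"], "Resource": "*"}]}

if __name__ == "__main__":
    print(list(open_ingress(SAMPLE_GROUPS)), wildcard_statements(SAMPLE_POLICY))
```

In a live account these functions take the output of `ec2.describe_security_groups()`, `iam.get_policy_version()` and `s3.get_public_access_block()`. A bucket flagged by `bucket_unprotected` is not necessarily public, since account-level Block Public Access and the bucket policy also apply.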
Contributions are welcome! If you have suggestions or improvements, feel free to submit a pull request.
For any queries or support, reach out to Himangshu Sarkar at GitHub.