AWS Security Info – August 2021 update

It’s been a bit of a quiet month for updates to the AWS Security Info modules. There have been a couple of changes that I’m publishing today.

New features

  • We now support Organizations! That’s right: if you point the script to the master account and specify the --organization parameter with the name of your organizational role, the script will interrogate every account in your organization.
  • The --regions flag will allow you to specify the regions you operate in, thus reducing the total number of API calls being made.
  • Managed AWS policies’ get_policy_version data is now added to the initial.json file, and fed into the data load on first load. This speeds up the data collection process significantly by reducing the number of API calls for managed AWS policies that do not change very often. Should AWS make changes to their policies, simply delete the initial.json file, and let the script run through it once.

Bug fixes

  • Using --assumerole works fine; however, when you have an empty --externalid, the sts module fails.
  • checkVersion incorrectly flagged newer boto versions as not being upgraded.
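
The --organization walk and the empty --externalid case described above can be sketched as follows. This is an added example, not code from the AWS Security Info script: the function names, the role name OrgAuditRole and the sample accounts are hypothetical, and the `aws` partition is assumed. boto3 rejects an empty ExternalId during parameter validation (the minimum length is 2), so the key is left out when no value is given.

```python
# Added example, not the AWS Security Info source. All names are hypothetical.

def assume_role_params(account_id, role_name, external_id=None,
                       session_name="security-info"):
    """Build the kwargs for sts.assume_role for one member account."""
    params = {
        # Assumes the standard "aws" partition.
        "RoleArn": f"arn:aws:iam::{account_id}:role/{role_name}",
        "RoleSessionName": session_name,
    }
    # Passing ExternalId="" fails boto3 validation, so only add it when set.
    if external_id:
        params["ExternalId"] = external_id
    return params


def organization_targets(accounts, role_name, external_id=None):
    """One assume_role kwargs dict per ACTIVE account; suspended ones are skipped."""
    return [assume_role_params(a["Id"], role_name, external_id)
            for a in accounts if a.get("Status") == "ACTIVE"]


def sessions_for_organization(role_name, external_id=None):
    """Live path: needs boto3 and credentials for the organization's master account."""
    import boto3  # imported here so the pure helpers above run offline
    org = boto3.client("organizations")
    sts = boto3.client("sts")
    pages = org.get_paginator("list_accounts").paginate()
    accounts = [a for page in pages for a in page["Accounts"]]
    for params in organization_targets(accounts, role_name, external_id):
        creds = sts.assume_role(**params)["Credentials"]
        yield params["RoleArn"], boto3.Session(
            aws_access_key_id=creds["AccessKeyId"],
            aws_secret_access_key=creds["SecretAccessKey"],
            aws_session_token=creds["SessionToken"],
        )


# Constructed sample data shaped like organizations.list_accounts output.
SAMPLE_ACCOUNTS = [
    {"Id": "111111111111", "Name": "prod", "Status": "ACTIVE"},
    {"Id": "222222222222", "Name": "old-sandbox", "Status": "SUSPENDED"},
    {"Id": "333333333333", "Name": "dev", "Status": "ACTIVE"},
]

if __name__ == "__main__":
    for target in organization_targets(SAMPLE_ACCOUNTS, "OrgAuditRole", ""):
        print(target)
```
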

Data collection

  • AWS SSO has been added. Note that some aspects are still missing (like identitystore, the visibility of MFA settings in SSO, and that for users).

Policy updates
