Wednesday, February 3, 2016

AWS CloudFormation template security group viewer

Almost any AWS CloudFormation template is more than long enough. That is fine when you are dealing with relatively "static" resources, but it becomes a big problem for something far more dynamic, like a security group.
This is the kind of resource you need to modify and review a lot, especially if you are a cloud security professional. Reading AWS CloudFormation template JSON manually makes your life miserable, and you can easily miss a bunch of security problems and holes.
My small aws_secgroup_viewer Python program helps you quickly review and analyse all security groups in your template.

     https://github.com/IhorKravchuk/it-security/blob/master/aws_secgroup_viewer.py

Supports both security group notations used by CloudFormation: firewall rules inside the security group, or as separate resources linked to the group.
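
The following added example, which is not the code of aws_secgroup_viewer.py, shows how ingress rules from both notations can be collected into one list per group and checked for sources open to any address. The sample template and the function names are constructed for illustration.

```python
import json

# Constructed sample template (not from the post) that uses both notations.
SAMPLE = json.loads("""{"Resources": {
  "WebSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "GroupDescription": "web tier",
    "SecurityGroupIngress": [
      {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"}]}},
  "WebSshIn": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {
    "GroupId": {"Ref": "WebSG"},
    "IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"}},
  "WebFromLb": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {
    "GroupId": {"Fn::GetAtt": ["WebSG", "GroupId"]},
    "IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
    "SourceSecurityGroupId": {"Ref": "LbSG"}}}}}""")

def logical_name(value):
    """Reduce {"Ref": X} / {"Fn::GetAtt": [X, ...]} to the logical name X."""
    if isinstance(value, dict):
        if "Ref" in value:
            return value["Ref"]
        target = value.get("Fn::GetAtt")
        if isinstance(target, list) and target:
            return target[0]
    return value

def ingress_rules(template):
    """Collect ingress rules from inline and stand-alone resources, per group."""
    found = []
    for name, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::EC2::SecurityGroup":
            inline = props.get("SecurityGroupIngress", [])
            found += [(name, r) for r in inline if isinstance(r, dict)]
        elif res.get("Type") == "AWS::EC2::SecurityGroupIngress":
            found.append((logical_name(props.get("GroupId")), props))
    return [{"group": g, "proto": r.get("IpProtocol"),
             "ports": (r.get("FromPort"), r.get("ToPort")),
             "source": r.get("CidrIp") or r.get("CidrIpv6")
                       or logical_name(r.get("SourceSecurityGroupId"))}
            for g, r in found]

def open_to_world(rules):
    """Rules whose source is any IPv4 or IPv6 address."""
    return [r for r in rules if r["source"] in ("0.0.0.0/0", "::/0")]

if __name__ == "__main__":
    for rule in ingress_rules(SAMPLE):
        flag = "  <-- open to any address" if open_to_world([rule]) else ""
        print(rule["group"], rule["proto"], rule["ports"], rule["source"], flag)
```

Grouping the stand-alone `AWS::EC2::SecurityGroupIngress` resources under the group they reference is what makes the SSH rule visible next to the HTTPS rule, even though it is declared elsewhere in the template.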
