Skip to content
This repository has been archived by the owner on May 13, 2021. It is now read-only.

forward3d/garrison-agent-aws-iam

BranchesTags

Repository files navigation

Garrison Agent - AWS IAM

This is a part of the Garrison security project. This agent mainly provides compliance alerts and other basic checks.

Checks Provided

Function Name Description
check_mfa Alerts for IAM Users that have no MFA devices and console access
check_unused Alerts for IAM Access Keys that have not been used in the last X days

Installation & Example

Docker Hub - https://hub.docker.com/r/forward3d/garrison-agent-aws-iam/

docker pull forward3d/garrison-agent-aws-guardduty
docker run --rm -e "GARRISON_URL=https://garrison.internal.acme.com" forward3d/garrison-agent-aws-iam check_mfa

AWS Authentication

As this requires access to the AWS API you will need this IAM policy as a minimum for it to operate correctly.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "iam:GetAccessKeyLastUsed",
                "iam:ListUsers",
                "iam:ListMFADevices",
                "iam:ListAccessKeys"
            ],
            "Effect": "Allow",
            "Resource": "*"
        }
    ]
}

We recommend using EC2/ECS Task roles so that you don't need to send credentials into the container, however if you can't use those or want to send in specific Access Keys and Secret keys, please see the AWS Documentation as to how you do that.

Check Specific Configuration

Some checks provided by this agent have extra configuration options.

check_unused

Environmental Variable Default
GARRISON_IAM_THRESHOLD 90

About

Garrison Agent that provides AWS IAM compliance checks

github.com/forward3d/garrison

Topics

compliance aws-iam garrison garrison-agent

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

13 watching

Forks

1 fork
Report repository

Releases

4 tags

Packages

No packages published

Contributors 5

Languages