| Name | aws-service-screener JSON |
| Version |
2.0.2a3
JSON |
| download |
| home_page | None |
| Summary | An open source guidance tool for AWS environments |
| upload_time | 2024-04-05 03:26:37 |
| maintainer | None |
| docs_url | None |
| author | AWS |
| requires_python | <4.0,>=3.8 |
| license | Apache 2.0 license |
| keywords |
|
| VCS |
|
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
# Service Screener
An open source guidance tool for the AWS environment. Click [here](https://bit.ly/ssv2demo) for sample report.
Disclaimer: The generated report has to be hosted locally and MUST NOT be internet accessible
## Overview
Service Screener is a tool that runs automated checks on AWS environments and provides recommendations based on AWS and community best practices.
AWS customers can use this tool on their own environments and use the recommendations to improve the Security, Reliability, Operational Excellence, Performance Efficiency and Cost Optimisation at the service level.
This tool aims to complement the [AWS Well Architected Tool](https://aws.amazon.com/well-architected-tool/).
## How does it work?
Service Screener uses [AWS Cloudshell](https://aws.amazon.com/cloudshell/), a free serivce that provides a browser-based shell to run scripts using the AWS CLI. It runs multiple `describe` and `get` API calls to determine the configuration of your environment.
## How much does it cost?
Running this tool is free as it is covered under the AWS Free Tier. If you have exceeded the free tier limits, each run will cost less than $0.01.
## Prerequisites
1. Please review the [DISCLAIMER](./DISCLAIMER.md) before proceeding.
2. You must have an existing AWS Account.
3. You must have an IAM User with sufficient read permissions. Here is a sample [policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_iam_read-only-console.html). Additionally, the IAM User must also have the following permissions:
a. AWSCloudShellFullAccess
b. cloudformation:CreateStack
## Installing service-screener V2
1. [Log in to your AWS account](https://docs.aws.amazon.com/cloudshell/latest/userguide/getting-started.html#start-session) using the IAM User with sufficient permissions described above.
2. Launch [AWS CloudShell](https://docs.aws.amazon.com/cloudshell/latest/userguide/getting-started.html#launch-region-shell) in any region.
<details>
<summary>Launch AWS Cloudshell Walkthrough</summary>
</details>
In the AWS CloudShell terminal, run this script this to install the dependencies:
```bash
python3 -m venv .
source bin/activate
python3 -m pip install --upgrade pip
rm -rf service-screener-v2
git clone https://github.com/aws-samples/service-screener-v2.git
cd service-screener-v2
pip install -r requirements.txt
alias screener="python3 $(pwd)/main.py"
```
<details>
<summary>Install Dependecies Walkthrough</summary>
</details>
## Using Service Screener
When running Service Screener, you will need to specify the regions and services you would like it to run on. It currently supports Amazon Cloudfront, AWS Cloudtrail, Amazon Dynamodb, Amazon EC2, Amazon EFS, Amazon RDS, Amazon EKS, Amazon Elasticache, Amazon Guardduty, AWS IAM, Amazon Opensearch, AWS Lambda, and Amazon S3.
We recommend running it in all regions where you have deployed workloads in. Adjust the code samples below to suit your needs then copy and paste it into Cloudshell to run Service Screener.
**Example 1: Run in the Singapore region, check all services**
```
screener --regions ap-southeast-1
```
**Example 2: Run in the Singapore region, check only Amazon S3**
```
screener --regions ap-southeast-1 --services s3
```
**Example 3: Run in the Singapore & North Virginia regions, check all services**
```
screener --regions ap-southeast-1,us-east-1
```
**Example 4: Run in the Singapore & North Virginia regions, check RDS and IAM**
```
screener --regions ap-southeast-1,us-east-1 --services rds,iam
```
**Example 5: Run in the Singapore region, filter resources based on tags (e.g: Name=env Values=prod and Name=department Values=hr,coe)**
```
screener --regions ap-southeast-1 --filters env=prod%department=hr,coe
```
**Example 6: Run in all regions and all services**
```
screener --regions ALL
```
### Other parameters
```bash
##mode
--mode api-full | api-raw | report
# api-full: give full results in JSON format
# api-raw: raw findings
# report: generate default web html
```
<details>
<summary>Get Report Walkthrough</summary>
</details>
### Downloading the report
The output is generated as a ~/service-screener-v2/output.zip file.
You can [download the file](https://docs.aws.amazon.com/cloudshell/latest/userguide/working-with-cloudshell.html#files-storage) in the CloudShell console by clicking the *Download file* button under the *Actions* menu on the top right of the Cloudshell console.
<details>
<summary>Download Output & Report Viewing Walkthrough</summary>
Once downloaded, unzip the file and open 'index.html' in your browser. You should see a page like this:
Ensure that you can see the service(s) run on listed on the left pane.
You can navigate to the service(s) listed to see detailed findings on each service.
</details>
<details>
<summary>Sample Output Walkthrough</summary>
</details>
## Using the report
The report provides you an easy-to-navigate dashboard of the various best-practice checks that were run.
Use the left navigation bar to explore the checks for each service. Expand each check to read the description, find out which resources were highlighted, and get recommendations on how to remediate the findings.
## Contributing to service-screener
We encourage public contributions! Please review [CONTRIBUTING](./CONTRIBUTING.md) for details on our code of conduct and development process.
## Contact
Please review [CONTRIBUTING](./CONTRIBUTING.md) to raise any issues.
## Security
See [CONTRIBUTING](CONTRIBUTING.md#security-issue-notifications) for more information.
## License
This project is licensed under the Apache-2.0 License.
Raw data
{
"_id": null,
"home_page": null,
"name": "aws-service-screener",
"maintainer": null,
"docs_url": null,
"requires_python": "<4.0,>=3.8",
"maintainer_email": null,
"keywords": null,
"author": "AWS",
"author_email": "aws-gh-ss@amazon.com",
"download_url": "https://files.pythonhosted.org/packages/62/68/973f1eaca3d31c3dab2b1d317cbf19aa4cbf0bce65455864924acc542f5d/aws_service_screener-2.0.2a3.tar.gz",
"platform": null,
"description": "# Service Screener\n\nAn open source guidance tool for the AWS environment. Click [here](https://bit.ly/ssv2demo) for sample report.\n\nDisclaimer: The generated report has to be hosted locally and MUST NOT be internet accessible\n\n## Overview\nService Screener is a tool that runs automated checks on AWS environments and provides recommendations based on AWS and community best practices. \n\nAWS customers can use this tool on their own environments and use the recommendations to improve the Security, Reliability, Operational Excellence, Performance Efficiency and Cost Optimisation at the service level. \n\nThis tool aims to complement the [AWS Well Architected Tool](https://aws.amazon.com/well-architected-tool/). \n\n## How does it work?\nService Screener uses [AWS Cloudshell](https://aws.amazon.com/cloudshell/), a free serivce that provides a browser-based shell to run scripts using the AWS CLI. It runs multiple `describe` and `get` API calls to determine the configuration of your environment.\n\n## How much does it cost?\nRunning this tool is free as it is covered under the AWS Free Tier. If you have exceeded the free tier limits, each run will cost less than $0.01.\n\n## Prerequisites\n1. Please review the [DISCLAIMER](./DISCLAIMER.md) before proceeding. \n2. You must have an existing AWS Account.\n3. You must have an IAM User with sufficient read permissions. Here is a sample [policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_iam_read-only-console.html). Additionally, the IAM User must also have the following permissions:\n a. AWSCloudShellFullAccess\n b. cloudformation:CreateStack\n\n## Installing service-screener V2\n1. [Log in to your AWS account](https://docs.aws.amazon.com/cloudshell/latest/userguide/getting-started.html#start-session) using the IAM User with sufficient permissions described above. \n2. Launch [AWS CloudShell](https://docs.aws.amazon.com/cloudshell/latest/userguide/getting-started.html#launch-region-shell) in any region. \n\n<details>\n<summary>Launch AWS Cloudshell Walkthrough</summary>\n \n\n</details>\n\nIn the AWS CloudShell terminal, run this script this to install the dependencies:\n```bash\npython3 -m venv .\nsource bin/activate\npython3 -m pip install --upgrade pip\nrm -rf service-screener-v2\ngit clone https://github.com/aws-samples/service-screener-v2.git\ncd service-screener-v2\npip install -r requirements.txt\nalias screener=\"python3 $(pwd)/main.py\"\n\n```\n<details>\n<summary>Install Dependecies Walkthrough</summary>\n \n\n</details>\n\n## Using Service Screener\nWhen running Service Screener, you will need to specify the regions and services you would like it to run on. It currently supports Amazon Cloudfront, AWS Cloudtrail, Amazon Dynamodb, Amazon EC2, Amazon EFS, Amazon RDS, Amazon EKS, Amazon Elasticache, Amazon Guardduty, AWS IAM, Amazon Opensearch, AWS Lambda, and Amazon S3.\n\nWe recommend running it in all regions where you have deployed workloads in. Adjust the code samples below to suit your needs then copy and paste it into Cloudshell to run Service Screener. \n\n**Example 1: Run in the Singapore region, check all services**\n```\nscreener --regions ap-southeast-1 \n```\n\n**Example 2: Run in the Singapore region, check only Amazon S3**\n```\nscreener --regions ap-southeast-1 --services s3\n```\n\n**Example 3: Run in the Singapore & North Virginia regions, check all services**\n```\nscreener --regions ap-southeast-1,us-east-1\n```\n\n**Example 4: Run in the Singapore & North Virginia regions, check RDS and IAM**\n```\nscreener --regions ap-southeast-1,us-east-1 --services rds,iam\n```\n\n**Example 5: Run in the Singapore region, filter resources based on tags (e.g: Name=env Values=prod and Name=department Values=hr,coe)**\n```\nscreener --regions ap-southeast-1 --filters env=prod%department=hr,coe\n```\n\n**Example 6: Run in all regions and all services**\n```\nscreener --regions ALL\n```\n\n### Other parameters\n```bash\n##mode\n--mode api-full | api-raw | report\n\n# api-full: give full results in JSON format\n# api-raw: raw findings\n# report: generate default web html\n```\n<details>\n<summary>Get Report Walkthrough</summary>\n \n\n</details>\n\n### Downloading the report\nThe output is generated as a ~/service-screener-v2/output.zip file. \nYou can [download the file](https://docs.aws.amazon.com/cloudshell/latest/userguide/working-with-cloudshell.html#files-storage) in the CloudShell console by clicking the *Download file* button under the *Actions* menu on the top right of the Cloudshell console. \n\n<details>\n<summary>Download Output & Report Viewing Walkthrough</summary>\n \n\n\nOnce downloaded, unzip the file and open 'index.html' in your browser. You should see a page like this:\n\n\n\nEnsure that you can see the service(s) run on listed on the left pane.\nYou can navigate to the service(s) listed to see detailed findings on each service. \n</details>\n\n<details>\n<summary>Sample Output Walkthrough</summary>\n \n\n</details>\n\n## Using the report \nThe report provides you an easy-to-navigate dashboard of the various best-practice checks that were run. \n\nUse the left navigation bar to explore the checks for each service. Expand each check to read the description, find out which resources were highlighted, and get recommendations on how to remediate the findings. \n\n## Contributing to service-screener\nWe encourage public contributions! Please review [CONTRIBUTING](./CONTRIBUTING.md) for details on our code of conduct and development process.\n\n## Contact\nPlease review [CONTRIBUTING](./CONTRIBUTING.md) to raise any issues. \n\n## Security\nSee [CONTRIBUTING](CONTRIBUTING.md#security-issue-notifications) for more information.\n\n## License\nThis project is licensed under the Apache-2.0 License.\n\n",
"bugtrack_url": null,
"license": "Apache 2.0 license",
"summary": "An open source guidance tool for AWS environments",
"version": "2.0.2a3",
"project_urls": null,
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "76c082aa02f5e9065668e9246b271fe478da2a5e2837ab4deb974bb1ef35a711",
"md5": "369057e6cc7a90e37e78c3e387d4f7a9",
"sha256": "0a3076ada8b2aa20c015040a908f6e7e47de24f0dd830d57edc2de2147dab4aa"
},
"downloads": -1,
"filename": "aws_service_screener-2.0.2a3-py3-none-any.whl",
"has_sig": false,
"md5_digest": "369057e6cc7a90e37e78c3e387d4f7a9",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4.0,>=3.8",
"size": 2899523,
"upload_time": "2024-04-05T03:26:35",
"upload_time_iso_8601": "2024-04-05T03:26:35.360383Z",
"url": "https://files.pythonhosted.org/packages/76/c0/82aa02f5e9065668e9246b271fe478da2a5e2837ab4deb974bb1ef35a711/aws_service_screener-2.0.2a3-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "6268973f1eaca3d31c3dab2b1d317cbf19aa4cbf0bce65455864924acc542f5d",
"md5": "f859acab14cb7f5cc4c77bdaa2dc62cb",
"sha256": "ff6d76b56e3b31e918c5bd526f6038914eb614df144cec4d0a59640e4e06a214"
},
"downloads": -1,
"filename": "aws_service_screener-2.0.2a3.tar.gz",
"has_sig": false,
"md5_digest": "f859acab14cb7f5cc4c77bdaa2dc62cb",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4.0,>=3.8",
"size": 2886153,
"upload_time": "2024-04-05T03:26:37",
"upload_time_iso_8601": "2024-04-05T03:26:37.999549Z",
"url": "https://files.pythonhosted.org/packages/62/68/973f1eaca3d31c3dab2b1d317cbf19aa4cbf0bce65455864924acc542f5d/aws_service_screener-2.0.2a3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-04-05 03:26:37",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "aws-service-screener"
}
