CloudSploit For Amazon Web Services (AWS)

Cloud Provider Configuration

Create a "cloudsploit" user, with the SecurityAudit policy.

  1. Log into your AWS account as an admin or with permission to create IAM resources.
  2. Navigate to the IAM console.
  3. Click on Users.
  4. Create a new user (Add user).
  5. Set the username to cloudsploit.
  6. Set the access type to "Programmatic access", click Next.
  7. Select "Attach existing policies directly" and select the SecurityAudit policy.
  8. Click "Create policy" to create a supplemental policy (some permissions are not included in SecurityAudit).
  9. Click the "JSON" tab and paste the following permission set.
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "ses:DescribeActiveReceiptRuleSet",
                    "athena:GetWorkGroup",
                    "logs:DescribeLogGroups",
                    "logs:DescribeMetricFilters",
                    "elastictranscoder:ListPipelines",
                    "elasticfilesystem:DescribeFileSystems",
                    "servicequotas:ListServiceQuotas"
                ],
                "Resource": "*"
            }
        ]
    }
    
  10. Click "Review policy."
  11. Provide a name (CloudSploitSupplemental) and click "Create policy."
  12. Return to the "Create user" page and attach the newly-created policy. Click "Next: tags."
  13. Set tags as needed and then click on "Create user".
  14. Make sure you safely store the Access key ID and Secret access key.
  15. Paste them into the corresponding AWS credentials section of the index.js file.

If using environment variables, the same ones expected by the AWS SDKs (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_SESSION_TOKEN) can be used.
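
Before attaching the supplemental policy from step 9, it can be checked that every action it allows is read-only. The following is an added example, not part of CloudSploit; the function name `lintAuditPolicy` and the rule that only verbs beginning with Describe, Get or List count as read-only are assumptions of this example.

```javascript
'use strict';
// Added example, not CloudSploit code. Assumption: verbs starting with
// Describe/Get/List are read-only. IAM action names are case-insensitive.
const READ_ONLY_VERB = /^(describe|get|list)/i;

// Copy of the supplemental policy from step 9.
const supplementalPolicy = {
  Version: '2012-10-17',
  Statement: [{
    Effect: 'Allow',
    Action: [
      'ses:DescribeActiveReceiptRuleSet',
      'athena:GetWorkGroup',
      'logs:DescribeLogGroups',
      'logs:DescribeMetricFilters',
      'elastictranscoder:ListPipelines',
      'elasticfilesystem:DescribeFileSystems',
      'servicequotas:ListServiceQuotas'
    ],
    Resource: '*'
  }]
};

// IAM accepts a single value or an array for Statement and Action.
const asArray = (v) => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

// Returns a list of findings; an empty list means every Allow is read-only.
function lintAuditPolicy(policy) {
  const findings = [];
  asArray(policy.Statement).forEach((stmt, i) => {
    if (stmt.Effect !== 'Allow') return; // Deny statements grant nothing
    if (stmt.NotAction !== undefined) {
      findings.push(`Statement[${i}]: NotAction allows all but the listed actions`);
    }
    for (const action of asArray(stmt.Action)) {
      const [service, verb] = String(action).split(':');
      if (verb === undefined || service.includes('*')) {
        findings.push(`Statement[${i}]: "${action}" is a wildcard or malformed`);
      } else if (!READ_ONLY_VERB.test(verb)) {
        findings.push(`Statement[${i}]: "${action}" is not read-only`);
      }
    }
  });
  return findings;
}

console.log(lintAuditPolicy(supplementalPolicy));
```
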