CloudMapper – Analyze your Amazon Web Services (AWS)

CloudMapper is a tool that helps you analyze Amazon Web Services (AWS) environments. Its original purpose was to generate network diagrams and display them in your browser. It now contains much more functionality, including auditing for security issues.


Commands that can be executed with this tool are:

  • audit: Check for potential misconfigurations.
  • collect: Collect metadata about an account.
  • find_admins: Look at IAM policies to identify admin users and roles, or principals with specific privileges.
  • find_unused: Look for unused resources in the account. Finds unused Security Groups, Elastic IPs, network interfaces, volumes and elastic load balancers.
  • prepare/webserver: See Network Visualizations.
  • public: Find public hosts and port ranges.
  • sg_ips: Get geoip info on CIDRs trusted in Security Groups.
  • stats: Show counts of resources for accounts.
  • weboftrust: Show Web Of Trust.
  • report: Generate HTML report. Includes summary of the accounts and audit findings.
  • iam_report: Generate HTML report for the IAM information of an account.

If you want to add your own private commands, you can create a private_commands directory and add them there.

You can read more and download this tool here: https://github.com/duo-labs/cloudmapper
