
Fred's Cloud Monitor (FCM)

Provides a set of enforced guardrails for AWS configuration changes.

Goals

  • Loosely coupled design.
  • Serverless.
  • Receive input events from CloudTrail, AWS Config, or manual sources.
  • Provide standard libraries to make additional functionality easy to add.
  • Encryption throughout.
  • Simple configuration through command-line files.

Principle #1

The right way to protect your assets is to prevent misconfigurations in the first place. FCM provides automated remediation for a variety of possible misconfigurations, but the better approach is to make those changes impossible through appropriate IAM policies that deny them.

FCM is reactive: it acts only after a change has already been made, so there is always a window between the misconfiguration and its remediation, which is why reactive remediation is always a worse solution than proactive prevention. That said, FCM can find and fix security issues that have slipped through the cracks.

Dependencies

Requires Python 3 and Terraform.

Bootstrapping

To get started, Terraform needs a centralized S3 bucket to store its state. This allows the FCM configuration to live in git while multiple people apply updates from their own workstations. Terraform state can contain secrets, so the state bucket should have versioning, server-side encryption and public access blocking enabled, and state locking should be configured so that two people cannot run an apply at the same time.

  1. Ensure you have valid AWS credentials available through one of the methods the AWS SDK supports (environment variables, a shared credentials profile, or an assumed role).
  2. Edit bootstrap/s3.terraform-state.tf and set your preferred region and a globally unique bucket name.
  3. Run the following to create the state bucket in your account:

    cd bootstrap
    terraform init
    terraform apply
    

Sample

Review the files in sample/ for an example of what a generated function, from event to remediation, might look like.
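The following is an added, illustrative example of an event-to-remediation function in the style the goals above describe: a serverless handler that receives a CloudTrail `AuthorizeSecurityGroupIngress` record (wrapped in an EventBridge envelope, or passed directly from a manual source), detects any rule that opens an administrative port to the whole internet, and revokes only the offending ranges. It is not the code in sample/ and is not FCM's own library. The list of sensitive ports, the `RecordingEc2` stand-in client, and the sample event are all assumptions constructed for this example; the event layout follows the CloudTrail record format for that API call.

```python
"""Illustrative FCM-style guardrail (added example, not FCM's sample/ code).

Detects security-group ingress rules opened to 0.0.0.0/0 or ::/0 on
sensitive ports in a CloudTrail AuthorizeSecurityGroupIngress record and
revokes exactly those ranges via the EC2 API.
"""
import json

# Assumed policy for this example: ports never allowed open to the world.
SENSITIVE_PORTS = {22, 3389, 3306, 5432}
WORLD_CIDRS = {"0.0.0.0/0", "::/0"}


def _port_range(perm):
    """CloudTrail omits fromPort/toPort when ipProtocol is "-1" (all
    traffic); treat that as every port."""
    if str(perm.get("ipProtocol")) == "-1" or perm.get("fromPort") is None:
        return 0, 65535
    lo = int(perm["fromPort"])
    return lo, int(perm.get("toPort", lo))


def offending_permissions(record):
    """Return boto3-shaped IpPermissions that revoke only the world-open
    ranges covering a sensitive port. Legitimate CIDRs in the same rule
    (for example a corporate 10.0.0.0/8) are left in place."""
    if record.get("eventName") != "AuthorizeSecurityGroupIngress":
        return []
    params = record.get("requestParameters") or {}
    items = (params.get("ipPermissions") or {}).get("items") or []
    found = []
    for perm in items:
        lo, hi = _port_range(perm)
        if not any(lo <= p <= hi for p in SENSITIVE_PORTS):
            continue
        v4 = [r["cidrIp"] for r in (perm.get("ipRanges") or {}).get("items", [])
              if r.get("cidrIp") in WORLD_CIDRS]
        v6 = [r["cidrIpv6"] for r in (perm.get("ipv6Ranges") or {}).get("items", [])
              if r.get("cidrIpv6") in WORLD_CIDRS]
        if not (v4 or v6):
            continue
        proto = str(perm["ipProtocol"])
        revoke = {"IpProtocol": proto}
        if proto != "-1":  # "-1" rules carry no port range in the API
            revoke["FromPort"], revoke["ToPort"] = lo, hi
        if v4:
            revoke["IpRanges"] = [{"CidrIp": c} for c in v4]
        if v6:
            revoke["Ipv6Ranges"] = [{"CidrIpv6": c} for c in v6]
        found.append(revoke)
    return found


def handle(event, ec2=None):
    """Lambda-style entry point. Accepts an EventBridge envelope (the
    CloudTrail record sits under "detail") or a bare record from a manual
    source. `ec2` is a boto3 EC2 client; it is created only when needed so
    the detection logic runs without AWS access or boto3 installed."""
    record = event.get("detail", event)
    to_revoke = offending_permissions(record)
    if not to_revoke:
        return {"action": "none"}
    if ec2 is None:
        import boto3  # real client only when actually remediating
        ec2 = boto3.client("ec2", region_name=record.get("awsRegion"))
    group_id = record["requestParameters"]["groupId"]
    ec2.revoke_security_group_ingress(GroupId=group_id, IpPermissions=to_revoke)
    return {"action": "revoked", "groupId": group_id, "revoked": to_revoke,
            "actor": (record.get("userIdentity") or {}).get("arn")}


class RecordingEc2:
    """Stand-in for boto3's EC2 client used to exercise the handler offline;
    it records the revoke call instead of making it."""
    def __init__(self):
        self.calls = []

    def revoke_security_group_ingress(self, **kwargs):
        self.calls.append(kwargs)
        return {"Return": True}


# Constructed sample event: SSH opened to 10.0.0.0/8 and the world (v4 and
# v6) in one rule, plus a harmless HTTPS rule that must be left alone.
SAMPLE_EVENT = {
    "detail-type": "AWS API Call via CloudTrail",
    "detail": {
        "eventName": "AuthorizeSecurityGroupIngress",
        "awsRegion": "us-east-1",
        "userIdentity": {"arn": "arn:aws:iam::123456789012:user/alice"},
        "requestParameters": {
            "groupId": "sg-0123456789abcdef0",
            "ipPermissions": {"items": [
                {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
                 "ipRanges": {"items": [{"cidrIp": "10.0.0.0/8"},
                                        {"cidrIp": "0.0.0.0/0"}]},
                 "ipv6Ranges": {"items": [{"cidrIpv6": "::/0"}]}},
                {"ipProtocol": "tcp", "fromPort": 443, "toPort": 443,
                 "ipRanges": {"items": [{"cidrIp": "0.0.0.0/0"}]}},
            ]},
        },
    },
}

if __name__ == "__main__":
    fake = RecordingEc2()
    print(json.dumps(handle(SAMPLE_EVENT, fake), indent=2))
```

Because the event arrives only after the API call has succeeded, the rule is live until the revoke completes; that window is the reason Principle #1 prefers an IAM deny over remediation. Injecting the EC2 client also lets the detection logic be unit-tested without credentials.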