AWS Sentinel is a powerful command-line security scanner for AWS resources. It helps identify common security issues and misconfigurations in your AWS environment.
AWS Sentinel currently checks for the following security issues:
- S3 Buckets: Identifies publicly accessible buckets
- EC2 Security Groups: Finds security groups with port 22 (SSH) open to the public
- EBS Volumes: Detects unencrypted volumes
- IAM Users: Identifies users without Multi-Factor Authentication (MFA)
You can install AWS Sentinel using pip:
pip install aws-sentinelOr using uv
uv pip install aws-sentinelRun a full security scan using your default AWS profile:
aws-sentinel scanIf you don't specify a profile or region, it will use the default profile and us-east-1 region.
Usage: aws-sentinel scan [OPTIONS]
Options:
--profile TEXT AWS profile to use for authentication (from
~/.aws/credentials)
--region TEXT AWS region to scan for security issues
--checks TEXT Comma-separated list of checks to run
(s3,ec2,ebs,iam) or "all"
--output [table|json|csv] Output format for scan results
--severity [low|medium|high|all]
Filter results by minimum severity level
-v, --verbose Enable verbose output
-h, --help Show this message and exit.
Run a scan with a specific AWS profile and region:
aws-sentinel scan --profile production --region us-west-2Run only specific security checks:
aws-sentinel scan --checks s3,iamExport results in JSON format:
aws-sentinel scan --output json > security_report.jsonExport results in CSV format:
aws-sentinel scan --output csv > security_report.csvShow only high severity issues:
aws-sentinel scan --severity highGet detailed documentation:
aws-sentinel docs █████╗ ██╗ ██╗███████╗ ███████╗███████╗███╗ ██╗████████╗██╗███╗ ██╗███████╗██╗
██╔══██╗██║ ██║██╔════╝ ██╔════╝██╔════╝████╗ ██║╚══██╔══╝██║████╗ ██║██╔════╝██║
███████║██║ █╗ ██║███████╗ ███████╗█████╗ ██╔██╗ ██║ ██║ ██║██╔██╗ ██║█████╗ ██║
██╔══██║██║███╗██║╚════██║ ╚════██║██╔══╝ ██║╚██╗██║ ██║ ██║██║╚██╗██║██╔══╝ ██║
██║ ██║╚███╔███╔╝███████║ ███████║███████╗██║ ╚████║ ██║ ██║██║ ╚████║███████╗███████╗
╚═╝ ╚═╝ ╚══╝╚══╝ ╚══════╝ ╚══════╝╚══════╝╚═╝ ╚═══╝ ╚═╝ ╚═╝╚═╝ ╚═══╝╚══════╝╚══════╝
AWS Security Sentinel
Scanning AWS account using profile: default in region: us-east-1
Initializing security checks...
+-------------------------+
| AWS Security Issues Detected |
+--------+---------------+------------------------------------------+
| Service| Resource | Issue |
+--------+---------------+------------------------------------------+
| S3 | mybucket | Public bucket |
| EC2 | sg-12345abcde | Security group with port 22 open to public |
| EBS | vol-67890fghij| Unencrypted volume |
| IAM | alice | User without MFA |
+--------+---------------+------------------------------------------+{
"scan_results": {
"profile": "default",
"region": "us-east-1",
"scan_time": "2025-04-15T14:32:17.654321",
"issues_count": 3,
"issues": [
{
"service": "S3",
"resource": "public-bucket",
"issue": "Public bucket",
"severity": "HIGH"
},
{
"service": "EC2",
"resource": "sg-12345abcde",
"issue": "Security group with port 22 open to public",
"severity": "HIGH"
},
{
"service": "IAM",
"resource": "admin-user",
"issue": "User without MFA",
"severity": "HIGH"
}
]
}
}
- Python 3.9+
- AWS credentials configured (via AWS CLI or environment variables)
- Required permissions to access AWS resources
To set up the project for development:
-
Clone the repository:
git clone https://github.com/rishabkumar7/aws-sentinel.git cd aws-sentinel -
Create a virtual environment:
python -m venv venv source venv/bin/activate # On Windows: venv\Scripts\activate
-
Install development dependencies:
pip install -e '.[dev]' -
Run the tests:
python -m unittest discover tests
MIT License
Contributions are welcome! Please feel free to submit an Issue and a Pull Request.