aws-security-audit

Featured

Comprehensive AWS security posture assessment using AWS CLI and security best practices

AI & Automation 39,227 stars 6374 forks Updated today MIT

Quality Score: 99/100

Stars (20%): 100
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 50
License (10%): 100
Description (5%): 100

Skill Content

# AWS Security Audit

Perform comprehensive security assessments of AWS environments to identify vulnerabilities and misconfigurations.

## When to Use

Use this skill when you need to audit AWS security posture, identify vulnerabilities, or prepare for compliance assessments.

## Audit Categories

**Identity & Access Management**

- Overly permissive IAM policies
- Unused IAM users and roles
- MFA enforcement gaps
- Root account usage
- Access key rotation

**Network Security**

- Open security groups (0.0.0.0/0)
- Public S3 buckets
- Unencrypted data in transit
- VPC flow logs disabled
- Network ACL misconfigurations

**Data Protection**

- Unencrypted EBS volumes
- Unencrypted RDS instances
- S3 bucket encryption disabled
- Backup policies missing
- KMS key rotation disabled

**Logging & Monitoring**

- CloudTrail disabled
- CloudWatch alarms missing
- VPC Flow Logs disabled
- S3 access logging disabled
- Config recording disabled

## Security Audit Commands

### IAM Security Checks

```bash
# List users without MFA.
# The credential report must be generated first and is returned base64-encoded
# in Content; mfa_active is column 8 (column 4 is password_enabled).
aws iam generate-credential-report
aws iam get-credential-report --query Content --output text | base64 -d | \
  awk -F, '$8=="false" && $1!="<root_account>" {print $1}'

# Find unused IAM users (no activity in 90 days).
# Prints each user's last console sign-in; review entries that are older than
# 90 days or "None". PasswordLastUsed does not reflect access key activity.
aws iam list-users --query 'Users[*].[UserName]' --output text | \
  while read -r user; do
    last_used=$(aws iam get-user --user-name "$user" \
      --query 'User.PasswordLastUsed' --output text)
    echo "$user: $last_used"
  done

# List overly permissive policies (AdministratorAccess)
aws iam list-policies --scope Loc...
```
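The IAM categories above (MFA gaps, root account usage, access key rotation, unused credentials) can all be read from one credential report. The following is an added example, not part of the skill's own content: the function names, the finding labels, the fixed cutoff and the sample report (account ID and users) are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: triage a decoded IAM credential report (CSV on stdin).
# Live use (assumes GNU date for the cutoff):
#   aws iam generate-credential-report
#   aws iam get-credential-report --query Content --output text | base64 -d |
#     audit_credential_report "$(date -u -d '90 days ago' +%Y-%m-%dT%H:%M:%S)"

audit_credential_report() {
  local cutoff="$1"   # ISO 8601 UTC timestamp; anything older counts as stale
  awk -F, -v cutoff="$cutoff" '
    function f(name) { return $(col[name]) }   # look a field up by header name
    NR == 1 { for (i = 1; i <= NF; i++) col[$i] = i; next }
    {
      user = f("user"); root = (user == "<root_account>")
      # Console password (or root) with no MFA device
      if (f("mfa_active") == "false" && (root || f("password_enabled") == "true"))
        print "NO_MFA " user
      for (k = 1; k <= 2; k++) {
        key = "access_key_" k
        if (f(key "_active") != "true") continue
        if (root) print "ROOT_KEY " user " key" k
        # ISO 8601 timestamps in one timezone compare correctly as strings
        if (f(key "_last_rotated") < cutoff) print "STALE_KEY " user " key" k
        used = f(key "_last_used_date")
        if (used == "N/A" || used < cutoff) print "UNUSED_KEY " user " key" k
      }
    }'
}

# Constructed sample report (account ID and users are made up).
sample_report() {
  cat <<'EOF'
user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service,cert_1_active,cert_1_last_rotated,cert_2_active,cert_2_last_rotated
<root_account>,arn:aws:iam::111122223333:root,2020-01-01T00:00:00+00:00,not_supported,2024-03-01T00:00:00+00:00,not_supported,not_supported,true,true,2024-02-01T00:00:00+00:00,2024-03-01T00:00:00+00:00,us-east-1,iam,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A
alice,arn:aws:iam::111122223333:user/alice,2021-05-01T00:00:00+00:00,true,2024-03-10T00:00:00+00:00,2023-06-01T00:00:00+00:00,N/A,false,false,N/A,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A
ci-deploy,arn:aws:iam::111122223333:user/ci-deploy,2021-05-01T00:00:00+00:00,false,N/A,N/A,N/A,false,true,2022-01-15T00:00:00+00:00,2024-03-09T00:00:00+00:00,eu-west-1,s3,true,2024-02-20T00:00:00+00:00,N/A,N/A,N/A,false,N/A,false,N/A
EOF
}

sample_report | audit_credential_report 2024-01-01T00:00:00
```

Resolving columns by header name avoids the off-by-position mistakes that fixed `$N` indexes invite when reading this report.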

Details

Author: sickn33
Repository: sickn33/antigravity-awesome-skills
Created: 4 months ago
Last Updated: today
Language: Python
License: MIT

Similar Skills

Semantically similar based on skill content — not just same category

DevOps & Infrastructure Listed

aws-security-audit

Comprehensive AWS security posture assessment using AWS CLI and security best practices

335 Updated today
aiskillstore
DevOps & Infrastructure Listed

aws-lambda-security

Security audit for AWS Lambda functions including IAM role least privilege, environment variable encryption (KMS), Function URLs vs API Gateway, VPC config, layer usage, container image scanning, X-Ray and logs PII, cold start state, async invocation handling, and Lambda-specific patterns across Node, Python, Go, Java runtimes. Use this skill whenever the user mentions AWS Lambda, lambda function, IAM role, Function URL, API Gateway + Lambda, Lambda layer, SAM, CDK Lambda, Serverless Framework, or asks "audit my Lambda", "Lambda security review", "Lambda IAM". Trigger when the codebase contains `serverless.yml`, `template.yaml` (SAM), `cdk.json`, or Lambda handler patterns.

1 Updated 6 days ago
hlsitechio
AI & Automation Featured

securing-aws-iam-permissions

This skill guides practitioners through hardening AWS Identity and Access Management configurations to enforce least privilege access across cloud accounts. It covers IAM policy scoping, permission boundaries, Access Analyzer integration, and credential rotation strategies to reduce the blast radius of compromised identities.

12,642 Updated today
mukul975
AI & Automation Solid

aws-security-scanner

AWS security configuration scanning and hardening using Prowler, Security Hub, and AWS Config

1,034 Updated today
a5c-ai
AI & Automation Featured

aws-compliance-checker

Automated compliance checking against CIS, PCI-DSS, HIPAA, and SOC 2 benchmarks

39,227 Updated today
sickn33