Skip to content

Tool for auditing AWS S3 buckets

License

Apache-2.0, MIT licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT
Notifications You must be signed in to change notification settings

scalefactory/s3audit-rs

S3 Audit

S3 Audit is a tool that reports on various aspects of S3 buckets within an AWS account.

For more information, read We rewrote s3audit in Rust.

Installation

cargo install s3audit

Usage

AWS credentials will be taken from the environment, it is recommended to run s3audit using a tool like aws-vault.

# Report on all buckets
s3audit

# Report on all buckets with output in CSV format
s3audit --format=csv

# Enable only a few specific audits
s3audit --disable-check=all --enable-check=acl --enable-check=encryption

# Disable coloured output
env NO_COLOR=1 s3audit

AWS permissions

You should use run s3audit as an IAM principal that is allowed to call s3:ListAllMyBuckets, and is also allow to run these (read only) actions for all buckets in your account:

  • s3:ListAllMyBuckets
  • s3:GetBucketAcl
  • s3:GetBucketLogging
  • s3:GetBucketPolicy
  • s3:GetBucketPublicAccessBlock
  • s3:GetBucketVersioning
  • s3:GetBucketWebsite
  • s3:GetEncryptionConfiguration

Minimum Supported Rust Version (MSRV)

v1.78.0

License

Licensed under either of

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

About

Tool for auditing AWS S3 buckets

Resources

License

Apache-2.0, MIT licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT

Security policy

Stars

Watchers

Forks

Packages

No packages published

Languages