CloudMapper helps you analyze your Amazon Web Services (AWS) environments. Its original purpose was to generate network diagrams and display them in your browser (that functionality is no longer maintained). It now contains much more functionality, including auditing for security issues.

If you want to add your own private commands, create a private_commands directory and add them there.

You must have AWS credentials configured that the CLI can use, with read permissions for the different metadata to collect. CloudMapper needs to make IAM calls and cannot use session credentials for collection, so you cannot use the aws-vault server if you want to collect data; you must pass role credentials indirectly or configure AWS credentials manually inside the container.

Reporting: generate an HTML report that includes a summary of the accounts and the audit findings, or generate an HTML report of the IAM information of a single account.
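As an added example of what a private command can look like (this is not code from the CloudMapper project), the module below lists ingress rules open to the whole Internet from the data CloudMapper collects. It assumes CloudMapper's command contract of a module-level `__description__` and a `run(arguments)` entry point, and the `account-data/<account>/<region>/ec2-describe-security-groups.json` layout of collected data; both are assumptions to check against your version, and the sample data is constructed.

```python
"""Hypothetical private command for CloudMapper: private_commands/open_sg.py.

Assumes (not verified here) that CloudMapper loads modules from private_commands/
and calls run(arguments), and that collected data lives under
account-data/<account>/<region>/ec2-describe-security-groups.json.
"""
import glob
import json
from ipaddress import ip_network

__description__ = "List ingress rules open to the whole Internet"

# Constructed sample in the shape of ec2-describe-security-groups.json.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-0aaa", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0bbb", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}]}


def open_rules(describe_sg):
    """Return (group, protocol, from_port, to_port, cidr) for /0 ingress rules."""
    found = []
    for sg in describe_sg.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            # Protocol "-1" means every port; FromPort/ToPort are then absent.
            ports = (perm.get("FromPort", 0), perm.get("ToPort", 65535))
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                # A /0 prefix (0.0.0.0/0 or ::/0) trusts the entire Internet.
                if ip_network(cidr, strict=False).prefixlen == 0:
                    found.append((sg["GroupId"], perm["IpProtocol"], *ports, cidr))
    return found


def run(arguments):
    """Walk every collected account and region and print world-open rules."""
    pattern = "account-data/*/*/ec2-describe-security-groups.json"
    for path in sorted(glob.glob(pattern)):
        with open(path) as f:
            for group, proto, lo, hi, cidr in open_rules(json.load(f)):
                print(f"{path}: {group} {proto} {lo}-{hi} from {cidr}")
```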
Features
- Check for potential misconfigurations
- Collect metadata about an account
- Look at IAM policies to identify admin users and roles, or principals with specific privileges
- Look for unused resources in the account: finds unused Security Groups, Elastic IPs, network interfaces, volumes and Elastic Load Balancers
- Find public hosts and port ranges
- Get GeoIP info on the CIDRs trusted in Security Groups