Automated Defence against public S3 buckets
Cloud Custodian
- Custodian is an open source rules engine for fleet management in AWS
- YAML DSL for policies that query resources or subscribe to events, then apply filters and take actions.
- Outputs to Amazon S3, Amazon CloudWatch Logs, Amazon CloudWatch Metrics
Consider this an open-source replacement for AWS Cloud Config :)
Overview
Organizations can use Custodian to manage their AWS environments by ensuring compliance with security policies and tag policies, garbage-collecting unused resources, and managing cost via off-hours resource management, all from the same place. Custodian policies are written in simple YAML configuration files that specify a given resource type and are constructed from a vocabulary of filters and actions.
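As an added example (not from the original page or the Cloud Custodian project docs), here is a policy file for the public-bucket case: one pull-mode policy that reports buckets whose ACL grants access to everyone, and one CloudTrail-triggered policy that strips those grants and enables the bucket public access block as soon as a bucket is created or its ACL changes. The IAM role ARN and account id are placeholders.

```yaml
policies:
  # Scheduled audit (pull mode): find buckets whose ACL grants any
  # of these permissions to AllUsers or AuthenticatedUsers.
  - name: s3-public-acl-audit
    resource: s3
    description: Report buckets with global ACL grants
    filters:
      - type: global-grants
        permissions:
          - READ
          - WRITE
          - READ_ACP
          - WRITE_ACP
          - FULL_CONTROL

  # Event-driven remediation: run from Lambda on CreateBucket and
  # PutBucketAcl, remove global grants and turn on public access block.
  - name: s3-public-acl-remediate
    resource: s3
    mode:
      type: cloudtrail
      # placeholder account id and role name; replace with your own
      role: arn:aws:iam::123456789012:role/custodian-s3-remediation
      events:
        - CreateBucket
        - source: s3.amazonaws.com
          event: PutBucketAcl
          ids: requestParameters.bucketName
    filters:
      - type: global-grants
    actions:
      - type: delete-global-grants
        grantees:
          - "http://acs.amazonaws.com/groups/global/AllUsers"
          - "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
      - type: set-public-block
        state: true
```

Run the audit policy with `custodian run -s out s3-policies.yml` to get a report without changing anything; deploying the second policy (same command) creates the Lambda and CloudTrail rule, so test it in a sandbox account first.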