capsule.adrianhesketh.com
Running automated security checks on AWS using Scout2 in a Docker container
I came across this tool [0] and thought I'd try it out.
First, I created a new user in my AWS environment and applied the `ReadOnly` and `SecurityAudit` roles to it.
Then I decided to run the script in a Docker container. I've included instructions here in case you want to do the same.
```dockerfile
FROM python:3.7-alpine3.7
RUN pip install awsscout2
VOLUME ["/report"]
CMD /usr/local/bin/Scout2 --report-dir /report
```
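The Dockerfile above still needs a build step and a run step that gives the container the audit user's credentials. The following is an added example, not from the original post: it mounts the shared credentials directory read-only instead of passing keys through environment variables or baking them into the image. The image tag `scout2-audit`, the function name, the profile name and the paths are assumptions; `--profile` is Scout2's option for selecting a named profile.

```shell
#!/bin/sh
# Added example: build and run the Scout2 image from the Dockerfile above.
# IMAGE is a hypothetical tag; profile and paths are supplied by the caller.
IMAGE="scout2-audit"

# scout2_run PROFILE REPORT_DIR [AWS_DIR]
# With DRY_RUN set, prints the docker arguments one per line instead of running.
scout2_run() {
    profile="$1"
    report_dir="$2"
    aws_dir="${3:-$HOME/.aws}"

    # The profile name ends up on a command line: allow a conservative charset.
    case "$profile" in
        ''|*[!A-Za-z0-9_-]*) echo "invalid profile name" >&2; return 1 ;;
    esac
    # Bind mounts need absolute host paths; a relative one becomes a named volume.
    case "$report_dir" in
        /*) ;;
        *) echo "report dir must be an absolute path" >&2; return 1 ;;
    esac

    # Credentials are mounted read-only so the scan cannot alter them, and they
    # never appear in the image layers or in `docker inspect` environment output.
    set -- run --rm \
        --security-opt no-new-privileges \
        -v "$aws_dir:/root/.aws:ro" \
        -v "$report_dir:/report" \
        "$IMAGE" \
        /usr/local/bin/Scout2 --profile "$profile" --report-dir /report

    if [ -n "${DRY_RUN:-}" ]; then
        printf '%s\n' "$@"
    else
        docker build -t "$IMAGE" . && docker "$@"
    fi
}

# Example call (profile "audit" is an assumption):
#   scout2_run audit "$PWD/report"
```

The container runs as root, so the HTML report written to the mounted directory will be owned by root on the host.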
The end result is a very useful static HTML report. Of course, it flagged some false positives, but it is a good data point on how the environment is set up.