├── .DS_Store ├── .coverage ├── .flake8 ├── .github └── workflows │ └── tests.yml ├── AUTHORS.md ├── CONTRIBUTING.md ├── LICENSE ├── README.md ├── VERSION ├── deployment ├── __init__.py ├── __pycache__ │ ├── bedrock_integration.cpython-313.pyc │ └── index.cpython-313.pyc ├── bedrock_integration.py ├── index.py └── modules │ ├── __init__.py │ ├── access_analyzer_findings.py │ ├── cloudtrail_findings.py │ ├── email_utils.py │ ├── iam_findings.py │ ├── narrative.py │ ├── reporting.py │ ├── scp_findings.py │ └── securityhub_findings.py ├── docs ├── .DS_Store ├── architecture.md ├── deployment.md ├── email-setup.md └── usage.md ├── examples └── sample-access-report.csv ├── lambda_function.zip ├── pyproject.toml ├── pytest.ini ├── requirements.txt ├── scripts ├── check_aws_creds.sh ├── cleanup.sh ├── deploy.sh ├── run_report.sh ├── run_tests.sh └── setup_dev.sh ├── src ├── cli │ ├── __init__.py │ ├── local_runner.py │ └── test_lambda.py └── lambda │ ├── __init__.py │ ├── __pycache__ │ ├── bedrock_integration.cpython-313.pyc │ └── index.cpython-313.pyc │ ├── bedrock_integration.py │ ├── index.py │ └── modules │ ├── __init__.py │ ├── access_analyzer_findings.py │ ├── cloudtrail_findings.py │ ├── email_utils.py │ ├── iam_findings.py │ ├── narrative.py │ ├── reporting.py │ ├── scp_findings.py │ └── securityhub_findings.py ├── templates ├── access-review-real.yaml └── access-review.yaml └── tests ├── cfn ├── __init__.py ├── __pycache__ │ └── test_template.cpython-313-pytest-8.3.4.pyc └── test_template.py ├── integration └── __init__.py ├── style ├── __init__.py └── test_code_style.py └── unit ├── __init__.py ├── __pycache__ ├── test_bedrock_integration.cpython-313-pytest-8.3.4.pyc ├── test_code_style.cpython-313-pytest-8.3.4.pyc └── test_handler.cpython-313-pytest-8.3.4.pyc ├── test_bedrock_integration.py └── test_handler.py /.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/.DS_Store -------------------------------------------------------------------------------- /.coverage: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/.coverage -------------------------------------------------------------------------------- /.flake8: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/.flake8 -------------------------------------------------------------------------------- /.github/workflows/tests.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/.github/workflows/tests.yml -------------------------------------------------------------------------------- /AUTHORS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/AUTHORS.md -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/README.md -------------------------------------------------------------------------------- /VERSION: -------------------------------------------------------------------------------- 1 | 1.0.0 -------------------------------------------------------------------------------- /deployment/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /deployment/__pycache__/bedrock_integration.cpython-313.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/deployment/__pycache__/bedrock_integration.cpython-313.pyc -------------------------------------------------------------------------------- /deployment/__pycache__/index.cpython-313.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/deployment/__pycache__/index.cpython-313.pyc -------------------------------------------------------------------------------- /deployment/bedrock_integration.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/deployment/bedrock_integration.py -------------------------------------------------------------------------------- /deployment/index.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/deployment/index.py -------------------------------------------------------------------------------- /deployment/modules/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /deployment/modules/access_analyzer_findings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/deployment/modules/access_analyzer_findings.py -------------------------------------------------------------------------------- /deployment/modules/cloudtrail_findings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/deployment/modules/cloudtrail_findings.py -------------------------------------------------------------------------------- /deployment/modules/email_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/deployment/modules/email_utils.py -------------------------------------------------------------------------------- /deployment/modules/iam_findings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/deployment/modules/iam_findings.py -------------------------------------------------------------------------------- /deployment/modules/narrative.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/deployment/modules/narrative.py -------------------------------------------------------------------------------- /deployment/modules/reporting.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/deployment/modules/reporting.py -------------------------------------------------------------------------------- /deployment/modules/scp_findings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/deployment/modules/scp_findings.py -------------------------------------------------------------------------------- /deployment/modules/securityhub_findings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/deployment/modules/securityhub_findings.py -------------------------------------------------------------------------------- /docs/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/docs/.DS_Store -------------------------------------------------------------------------------- /docs/architecture.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/docs/architecture.md -------------------------------------------------------------------------------- /docs/deployment.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/docs/deployment.md -------------------------------------------------------------------------------- /docs/email-setup.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/docs/email-setup.md -------------------------------------------------------------------------------- /docs/usage.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/docs/usage.md -------------------------------------------------------------------------------- /examples/sample-access-report.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/examples/sample-access-report.csv -------------------------------------------------------------------------------- /lambda_function.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/lambda_function.zip -------------------------------------------------------------------------------- /pyproject.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/pyproject.toml -------------------------------------------------------------------------------- /pytest.ini: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/pytest.ini -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/requirements.txt -------------------------------------------------------------------------------- /scripts/check_aws_creds.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/scripts/check_aws_creds.sh -------------------------------------------------------------------------------- /scripts/cleanup.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/scripts/cleanup.sh -------------------------------------------------------------------------------- /scripts/deploy.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/scripts/deploy.sh -------------------------------------------------------------------------------- /scripts/run_report.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/scripts/run_report.sh -------------------------------------------------------------------------------- /scripts/run_tests.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/scripts/run_tests.sh -------------------------------------------------------------------------------- /scripts/setup_dev.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/scripts/setup_dev.sh -------------------------------------------------------------------------------- /src/cli/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/cli/local_runner.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/src/cli/local_runner.py -------------------------------------------------------------------------------- /src/cli/test_lambda.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/src/cli/test_lambda.py -------------------------------------------------------------------------------- /src/lambda/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/lambda/__pycache__/bedrock_integration.cpython-313.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/src/lambda/__pycache__/bedrock_integration.cpython-313.pyc -------------------------------------------------------------------------------- /src/lambda/__pycache__/index.cpython-313.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/src/lambda/__pycache__/index.cpython-313.pyc -------------------------------------------------------------------------------- /src/lambda/bedrock_integration.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/src/lambda/bedrock_integration.py -------------------------------------------------------------------------------- /src/lambda/index.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/src/lambda/index.py -------------------------------------------------------------------------------- /src/lambda/modules/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /src/lambda/modules/access_analyzer_findings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/src/lambda/modules/access_analyzer_findings.py -------------------------------------------------------------------------------- /src/lambda/modules/cloudtrail_findings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/src/lambda/modules/cloudtrail_findings.py -------------------------------------------------------------------------------- /src/lambda/modules/email_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/src/lambda/modules/email_utils.py -------------------------------------------------------------------------------- /src/lambda/modules/iam_findings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/src/lambda/modules/iam_findings.py -------------------------------------------------------------------------------- /src/lambda/modules/narrative.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/src/lambda/modules/narrative.py -------------------------------------------------------------------------------- /src/lambda/modules/reporting.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/src/lambda/modules/reporting.py -------------------------------------------------------------------------------- /src/lambda/modules/scp_findings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/src/lambda/modules/scp_findings.py -------------------------------------------------------------------------------- /src/lambda/modules/securityhub_findings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/src/lambda/modules/securityhub_findings.py -------------------------------------------------------------------------------- /templates/access-review-real.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/templates/access-review-real.yaml -------------------------------------------------------------------------------- /templates/access-review.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/templates/access-review.yaml -------------------------------------------------------------------------------- /tests/cfn/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/cfn/__pycache__/test_template.cpython-313-pytest-8.3.4.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/tests/cfn/__pycache__/test_template.cpython-313-pytest-8.3.4.pyc -------------------------------------------------------------------------------- /tests/cfn/test_template.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/tests/cfn/test_template.py -------------------------------------------------------------------------------- /tests/integration/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/style/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/style/test_code_style.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/tests/style/test_code_style.py -------------------------------------------------------------------------------- /tests/unit/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/__pycache__/test_bedrock_integration.cpython-313-pytest-8.3.4.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/tests/unit/__pycache__/test_bedrock_integration.cpython-313-pytest-8.3.4.pyc -------------------------------------------------------------------------------- /tests/unit/__pycache__/test_code_style.cpython-313-pytest-8.3.4.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/tests/unit/__pycache__/test_code_style.cpython-313-pytest-8.3.4.pyc -------------------------------------------------------------------------------- /tests/unit/__pycache__/test_handler.cpython-313-pytest-8.3.4.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/tests/unit/__pycache__/test_handler.cpython-313-pytest-8.3.4.pyc -------------------------------------------------------------------------------- /tests/unit/test_bedrock_integration.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/tests/unit/test_bedrock_integration.py -------------------------------------------------------------------------------- /tests/unit/test_handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ajy0127/aws_automated_access_review/HEAD/tests/unit/test_handler.py --------------------------------------------------------------------------------