This Cloud Security Tool is a lightweight cloud monitoring solution designed to help organizations detect and report misconfigurations and potential data security issues in cloud environments. It integrates with AWS and GCP to identify public resources, misconfigurations, and sensitive data patterns using Data Loss Prevention (DLP). The tool provides a dashboard interface built with Streamlit for visualization and easy reporting.
- Cloud Integration:
  - Detect publicly accessible AWS S3 buckets and GCP storage buckets.
  - Retrieve cloud logs from AWS CloudTrail and GCP Logging for monitoring.
- Data Loss Prevention (DLP):
  - Scan for sensitive data patterns (e.g., emails, SSNs, or credit card numbers) using regex-based detection.
  - Report violations and store them in MongoDB Atlas for future reference.
- Dashboard Visualization:
  - Display public cloud resources and DLP violations on a Streamlit dashboard.
  - Real-time reporting for public buckets and sensitive data.
- Scalable and Secure Deployment:
  - Uses Docker Compose for containerized deployment.
  - MongoDB Atlas for secure, cloud-based storage of logs and violations.
cloud-security-tool/
│
├── backend/
│ ├── main.py # FastAPI backend entry point
│ ├── config.py # Configuration (MongoDB, AWS, GCP)
│ ├── models.py # Pydantic models for request/response
│ ├── db.py # MongoDB Atlas connection setup
│ ├── cloud_integrations/
│ │ ├── aws.py # AWS CloudTrail and S3 integration
│ │ ├── gcp.py # GCP Logging and Storage integration
│
├── frontend/
│ ├── app.py # Streamlit dashboard for results
│
├── .gitignore # Ignore venv and other unnecessary files
├── docker-compose.yml # Docker Compose setup
├── requirements.txt # Python dependencies
└── README.md # Documentation
- MongoDB Atlas account.
- AWS and GCP accounts with access keys.
- Docker and Docker Compose installed.
git clone <repo-url>
cd cloud-security-tool
Create a .env file in the project root or configure your Docker environment with the following variables:
MONGO_URI=mongodb+srv://<username>:<password>@cluster0.mongodb.net/cloud_security?retryWrites=true&w=majority
AWS_ACCESS_KEY=<your-aws-access-key>
AWS_SECRET_KEY=<your-aws-secret-key>
GCP_CREDENTIALS=path/to/credentials.json
docker-compose up --build
- FastAPI Backend: http://localhost:8000/docs
- Streamlit Dashboard: http://localhost:8501
- Use the /aws/public-buckets and /gcp/public-buckets endpoints to fetch public bucket information.
- Submit a DLP violation through the API or dashboard, and it will be stored in MongoDB Atlas.
curl -X POST "http://localhost:8000/dlp/violations" -H "Content-Type: application/json" -d '{
"service": "AWS",
"data": "[email protected]",
"violation_type": "Email Address",
"timestamp": "2024-10-28T12:00:00Z"
}'
- Endpoints:
  - /aws/public-buckets: Get public AWS buckets.
  - /gcp/public-buckets: Get public GCP buckets.
  - /dlp/violations: Report a DLP violation.
- Dashboard: Displays cloud resources and DLP violations.
- Collections: dlp_violations and public_resources.
- FastAPI: Backend API framework.
- Streamlit: Frontend for dashboards.
- MongoDB Atlas: Cloud-based NoSQL database.
- AWS: CloudTrail and S3 for monitoring.
- GCP: Logging and Storage for monitoring.
- Docker: Containerization.
- Docker Compose: Service orchestration.
- Ensure the MongoDB URI is correct and IP whitelisting is configured.
- Check if the access keys are valid and have the required permissions.
- Ensure Docker and Docker Compose are installed and running correctly.
This project is licensed under the MIT License - see the LICENSE file for details.
- FastAPI for backend development.
- Streamlit for the dashboard.
- MongoDB Atlas for providing a free-tier cloud database.
- AWS and GCP for cloud integration.
For any questions or issues, please contact [Your Name] at [[email protected]].