Recent Releases of https://github.com/awslabs/assisted-log-enabler-for-aws
https://github.com/awslabs/assisted-log-enabler-for-aws - Amazon Elastic Load Balancing Access Logs!
Elastic Load Balancing Access Logs (Single Account and Multi-Account using AWS Organizations) can now be turned on using Assisted Log Enabler!
For more details on elastic load balancer access logs, see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html.
Release notes:
Ability to turn on Elastic Load Balancer Access logs within single and multi-account modes.
Added Dry Run capabilities for Elastic Load Balancer Access logs within single and multi-account modes.
Added cleanup for Elastic Load Balancer Access logs created by Assisted Log Enabler within single account mode.
- Updated help (-h) message example within the README.
- Permissions examples for enabling Elastic Load Balancer Access logs within the permissions directory.
- Diagram for Elastic Load Balancer Access logs within the README.
Contributors
@rckasa
- Python
Published by cydneystude about 4 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Amazon S3 Server Access Logs!
With this release, we've added the ability to enable Amazon S3 Server Access Logs! Amazon Server Access logs provide detailed records for the requests that are made to your Amazon S3 Buckets, which can be useful for security audits and investigations.
For more details on Amazon S3 Server Access Logs, please visit the following link: https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html
Credit goes to Rogerio Kasa (@rckasa) for his work on this.
Release Notes: * Ability to turn on Amazon S3 Server Access logs within single and multi-account modes. * Added Dry Run capabilities for Amazon S3 Server Access logs within single and multi-account modes. * Added Cleanup capabilities for Amazon S3 Server Access logs created by Assisted Log Enabler within single account mode. * Updated help (-h) message example within the README. * Permissions examples for enabling Amazon S3 Server Access logs within the permissions directory. * Diagram for Amazon S3 Server Access Logs within the README.
- Python
Published by hackersifu over 4 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Minor Documentation Updates
- References to Team DragonCat are now referred to Customer Incident Response Team (CIRT).
- Various argparse help message to be more descriptive.
- Python
Published by hackersifu over 4 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Updates to CloudTrail function
Added
- CloudTrail tags to show that the trail is created by Assisted Log Enabler for AWS.
Changed
- CloudTrail name to be more descriptive that it's created by Assisted Log Enabler for AWS.
- Python
Published by hackersifu over 4 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Hotfix - Added Conditional Statements to Cleanup & Dry Run Options
Added
- Condition statements for if no options were selected during Dry Run and Cleanup modes.
- Python
Published by hackersifu almost 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Additional Services Added to Cleanup Functionality
Added
- Tagging for VPC Flow Log Resources in single account mode.
- Cleanup options for VPC Flow Logs and CloudTrails created by Assisted Log Enabler for AWS.
- README Documentation
- Added details in the Cleanup section to reflect VPC Flow Logs and CloudTrail commands.
- Added section about the Shared Responsibility Model.
- Python
Published by hackersifu almost 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Added Dry Run Modes
This release adds Dry Run modes for both single and multi-account versions of Assisted Log Enabler for AWS. These modes allow you to check for resources in your environment that do not have logging turned on, but does not activate the logging for said resources.
Added
- Dry Run mode for both single and multi-account modes.
- Added README Documentation for Dry Run modes.
- Python
Published by hackersifu almost 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Minor Documentation Updates
Changed
- README Documentation
- Removed unzip steps from single and multi-account instructions.
- Minor updates to various service names.
- Python
Published by hackersifu almost 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Documentation and S3 Bucket Updates
Added
- Randomization to the end of the Amazon S3 bucket name in both single and multi account modes.
- Instructions for deploying the AWS CloudFormation Stack individually, within the AWS Organizations root account for multi-account deployment.
- Link for the AWS Security Analytics Bootstrap within the README.
Changed
- Feedback section within README to contain link to Issues section.
- Python
Published by hackersifu almost 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Added Cleanup functionality
This release contains functionality for removing resources created by Assisted Log Enabler for AWS. Currently, this is limited to Amazon Route 53 Resolver Query Logging in single account mode. More services will be added to the cleanup functionality in the coming releases.
Added
- Code for cleaning up AWS resources created by Assisted Log Enabler for AWS.
- Amazon Route 53 Resolver Query Logging in single account mode is only currently supported.
- Options for running cleanup mode within the main function.
- IAM Permissions example for cleanup operations.
- Information within the Step-by-Step instructions for multi-account to reflect details about AWS CloudFormation StackSets Delegated Administrator.
Changed
- README documentation.
- Updated Cleanup section to reflect new cleanup capabilities.
- Updated IAM Permissions examples within the README.
- AWS CloudFormation template for deploying IAM Permissions to run cleanup code.
- Header in files to reflect "Assisted Log Enabler for AWS", instead of "Assisted Log Enabler (ALE)".
- Python
Published by hackersifu almost 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Added CHANGELOG file
Added: - CHANGELOG file
- Python
Published by hackersifu almost 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Functionality Updates
This release adds the ability to run Assisted Log Enabler for AWS for individual supported AWS services. Previously, the code only supported the ability to run for all supported AWS services at once. With this update, now you can choose which AWS service to activate logging for. Additionally, there is still an option to run for all supported AWS services.
Release Notes:
- Created options for running the code for individual AWS services.
- Maintained the ability to run for all services currently supported at once.
- Updated documentation to reflect new supported commands.
- Minor documentation updates.
- Python
Published by hackersifu almost 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Logging and Region Updates
Added the following minor changes: - Added ap-northeast-3 (Osaka) to function code - Changed log output file name to show clear date - Changed datetime output to show UTC time explicitly - Minor documentation updates
- Python
Published by hackersifu almost 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - General Availability (GA) Release
Introducing Assisted Log Enabler for AWS, a tool designed to turn on your AWS logs quickly for your existing resources.
Assisted Log Enabler for AWS is designed to ease the customer burden of learning how to turn on logs in the middle of a security incident. Assisted Log Enabler for AWS performs the work of creating an Amazon Simple Storage Service (S3) bucket, checking the services to see if logging is turned on, and activating logging when it's found to be off.
- Python
Published by hackersifu about 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Minor Documentation Updates
- Fixed documentation details about iam:CreateServiceLinkedRole
- Python
Published by hackersifu about 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Block Public Access for Multi-Account Mode
- Added Block Public Access call for Amazon S3 bucket in multi-account mode
- Minor README edits
- Updates to IAM Permissions Examples
- Added examples for both single account and multi-account
- Python
Published by hackersifu about 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Multiple Multi-Account Updates
Release Notes: * Added Multi-Account Support for Route 53 Query Logging * Added Multi-Account Support for EKS Audit & Authenticator Logs * Added Step-by-Step Instructions for running in Multi-Account Mode * Fixed an issue with log file output * Updated permissions examples * Updated CloudFormation template
- Python
Published by hackersifu about 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Route 53 Query Logs Activation Available
Release Notes: * Route 53 Query Logs are NOW available! (Single Account Mode Only with 1.1.0) Route 53 Query logs give you more verbose information when it comes to DNS queries, which is helpful for spotting potential security threats. For more information about Route 53 Query Logs, check out the following AWS Blog post: https://aws.amazon.com/blogs/aws/log-your-vpc-dns-queries-with-route-53-resolver-query-logs/ * Fixed issue with S3 bucket creation. * Updated README documentation. * Updated Permissions examples. * Updated CloudFormation template for deploying multi-account role. * Updated diagram to reflect Route 53 Query Logs. * Updated diagram to correctly reflect EKS Audit & Authentication Logs going to CloudWatch. * Various bug fixes.
- Python
Published by hackersifu about 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Minor Fix
- Added error handling for AWS Organizations API call within multi-account version.
- Python
Published by hackersifu about 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Minor Fixes
- Added PutPublicAccessBlock for bucket created (single-account version).
- Added step-by-step instructions for running Assisted Log Enabler using AWS CloudShell within the README file.
- Python
Published by hackersifu about 5 years ago
https://github.com/awslabs/assisted-log-enabler-for-aws - Initial Release
Initial Open Source Release of Assisted Log Enabler for AWS
- Python
Published by hackersifu about 5 years ago