Scout2 run on AWS Lambda

nccgroup / Scout2

Security auditing tool for AWS environments

http://nccgroup.github.io/Scout2/

GNU General Public License v2.0

1.73k stars 300 forks source link

Scout2 run on AWS Lambda #259

Closed phutapong closed 5 years ago

phutapong commented 6 years ago

Do we have example code to setup Scout2 automatic runs on AWS Lambda ??

x4v13r64 commented 6 years ago

What would be the use case for this? Scout2 is generally not designed to be run from within AWS (EC2 instances and the like).

brentstrong commented 6 years ago

It would allow automation. I containerized Scout2 and run it on Fargate but it requires some additional glue to schedule the runs. Lambda would be lighter weight and offer more native scheduling options. I'm actually surprised that the intention of Scout2 is not to run it within AWS. It seems like a natural fit.

x4v13r64 commented 6 years ago

I'd think creating a deployment package (https://docs.aws.amazon.com/lambda/latest/dg/lambda-python-how-to-create-deployment-package.html) and setting the appropriate execution role should be pretty straightforward.

x4v13r64 commented 5 years ago

Closing as this is not a Scout issue.

Couple of tips:

Using a framework such as Zappa (https://www.zappa.io/) can help deployment
Using authentication with a csv file is probably easiest, to avoid conflicts with the Lambda container's credentials (found in environment variables)