In recent times, we find news about AWS breaches leading to TBs of data and compromised EC2 instances used for cryptocurrency, etc. The majority of AWS breaches happen due to human error, which leads to deviation from configuration standards, and a limited understanding of the AWS shared responsibility model. I wanted to create an Alexa skill which would get your security data to you without the need to log in or run scripts.
What it does
It runs security assessments based on industry-accepted practices to provide an overview of existing benchmarks, which allows the security of the account to be evaluated consistently. Alexa gets the security data and provides analysis based on the user's question. For example, when the user asks Alexa "how secure is my amazon environment," it returns with some failed tests, passed tests and manual tests which need user inspection. The user can also request reasons for failures by asking "why did the tests fail," and Alexa returns all the reasons for failed tests.
How I built it
The primary data source is generated by an AWS CIS benchmark script that is run periodically, with its results stored in JSON format. I created API routes using Flask, which are integrated with Alexa intents and provide an HTTPS endpoint for Alexa to talk to. I configured the Alexa skill set to communicate with the HTTPS endpoint, with custom metrics and questions mapped to each intent.
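The flow described above, sketched as an added example that is not the project's own code: it reads benchmark results from JSON, checks that the request comes from the expected skill, and builds the Alexa JSON response for the two questions. The result fields (`id`, `status`, `reason`), the intent names and the skill ID are assumptions, and the sample data is constructed.

```python
import json

# Constructed sample of benchmark output; the real script's JSON schema is not
# shown on the page, so the "id"/"status"/"reason" fields are assumptions.
SAMPLE_RESULTS = json.loads("""[
  {"id": "1.1", "status": "FAIL", "reason": "Root account was used in the last 24 hours"},
  {"id": "1.2", "status": "PASS", "reason": ""},
  {"id": "2.1", "status": "FAIL", "reason": "CloudTrail is not enabled in all regions"},
  {"id": "1.15", "status": "MANUAL", "reason": "Security questions must be checked in the console"}
]""")

EXPECTED_SKILL_ID = "amzn1.ask.skill.EXAMPLE"  # placeholder, not a real skill ID


def summarize(results):
    """Count checks per status (failed, passed, manual)."""
    counts = {"FAIL": 0, "PASS": 0, "MANUAL": 0}
    for check in results:
        status = str(check.get("status", "")).upper()
        if status in counts:
            counts[status] += 1
    return counts


def speak(text):
    """Wrap text in the Alexa custom-skill JSON response envelope."""
    return {"version": "1.0",
            "response": {"outputSpeech": {"type": "PlainText", "text": text},
                         "shouldEndSession": True}}


def handle(request, results, skill_id=EXPECTED_SKILL_ID):
    """Answer one Alexa request body (already parsed from JSON)."""
    app = request.get("session", {}).get("application", {})
    if app.get("applicationId") != skill_id:
        return None  # not our skill: the web layer should answer HTTP 403
    req = request.get("request", {})
    intent = req.get("intent", {}).get("name") if req.get("type") == "IntentRequest" else None
    if intent == "SecurityStatusIntent":      # hypothetical intent name
        c = summarize(results)
        return speak(f"{c['FAIL']} tests failed, {c['PASS']} passed and "
                     f"{c['MANUAL']} need manual inspection.")
    if intent == "FailureReasonsIntent":      # hypothetical intent name
        reasons = [f"Check {r['id']}: {r['reason']}" for r in results
                   if str(r.get("status", "")).upper() == "FAIL"]
        return speak(". ".join(reasons) + "." if reasons else "No tests failed.")
    return speak("You can ask how secure your environment is, or why tests failed.")
```

The application ID check is only one part of Alexa request verification; signature and timestamp validation belong in the web layer in front of `handle`.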
Challenges I ran into
- Learning Alexa
- Developing using intents on flask-ask
- Dealing with unserialized JSON data
Accomplishments that I am proud of
I think it is the first Alexa skill which would gather security configuration information of an AWS environment and provide an overview of the configurations.
What I learned
I learned how to make skills on Alexa and new open source technologies like ngrok, Flask, and flask-ask.
What's next for SecureAWS
I will be creating a standalone Lambda script which would communicate directly with Alexa based on actions, so that the configuration data wouldn't leave the AWS premises. My primary goal for SecureAWS is to create custom metrics on the AWS environment which would increase the visibility of changes and allow you to monitor the environment more effectively.