La version française sera disponible bientôt
This repository will contain various tools used by CDS to ensure the confidentiality, integrity and availability of CDS applications and services.
- Cloud Asset Inventory: AWS, ECS, CloudQuery
- Content Security Policy (CSP) violation reporting: AWS, Lambda
- Onboard by adding the
report-uri https://csp-report-to.security.cdssandbox.xyz/report;directive to your apps existing CSP
- Onboard by adding the
This code is released under the MIT License. See LICENSE.
Note: If you are using Codespaces, all the environment setup is done for you. You can start working on the Cloud Asset Inventory right away.
See the Makefile for the available commands.
Main commands:
- build: Build the Docker image for the Cloud Asset Inventory in Codespaces using docker-compose (sets up the environment for network analysis and other resources)
- start: Start the Docker container for the Cloud Asset Inventory in Codespaces
- start-logging: Start the Docker container for the Cloud Asset Inventory in Codespaces with network logging enabled (using tcpdump)
- attach: Attach a shell to the running Docker container for the Cloud Asset Inventory in Codespaces
- stop: Stop the Docker container for the Cloud Asset Inventory in Codespaces
- copy-logs: Copy the network logs and the Cloud Asset Inventory logs from the Docker container to the host machine
- copy-data: Copy the data generated by the Cloud Asset Inventory from the Docker container to the host machine
- delete-logs: Delete the network logs from the Docker container