The highest tagged major version is v2.

clouditor

module

v1.2.0 Latest Latest Go to latest Published: Mar 20, 2021 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/clouditor/clouditor

Links

Open Source Insights

README ¶

clouditor

Clouditor Community Edition

Introduction

Clouditor is a tool which supports continuous cloud assurance. Its main goal is to continuously evaluate if a cloud-based application (built using, e.g., Amazon Web Services (AWS) or Microsoft Azure) is configured in a secure way and thus complies with security requirements defined by, e.g., Cloud Computing Compliance Controls Catalogue (C5) issued by the German Office for Information Security (BSI) or the Cloud Control Matrix (CCM) published by the Cloud Security Alliance (CSA).

Features

Clouditor currently supports over 60 checks for Amazon Web Services (AWS), Microsoft Azure and OpenStack. Results of these checks are evaluated against security requirements of the BSI C5 and CSA CCM.

Key features are:

automated compliance rules for AWS and MS Azure
granular report of detected non-compliant configurations
quick and adaptive integration with existing service through automated service discovery
descriptive development of custom rules using Cloud Compliance Language (CCL) to support individual evaluation scenarios
integration of custom security requirements and mapping to rules

Usage

To run the Clouditor in a demo-like mode, with no persisted database:

docker run -p 9999:9999 clouditor/clouditor

To enable auto-discovery for AWS or Azure credentials stored in your home folder, you can use:

docker run -v $HOME/.aws:/root/.aws -v $HOME/.azure:/root/.azure -p 9999:9999 clouditor/clouditor

Then open a web browser at http://localhost:9999. Login with user clouditor and the default password clouditor.

Screenshots

Configuring an account

Account configuration

Discovering resources of cloud-based application

Discovery view

Overview of rule-based assessment

Rule assessment

View details of rules

Rule assessment

Load and map compliance requirements

Compliance overview

Development

Code Style

We use Google Java Style as a formatting. Please install the appropriate plugin for your IDE.

Git Hooks

You can use the hook in style/pre-commit to check for formatting errors:

cp style/pre-commit .git/hooks

Build (gradle)

To build the Clouditor, you can use the following gradle commands:

./gradlew clean build

Build (Docker)

To build all necessary docker images, run the following command:

./gradlew docker

Build (Go components) - Experimental

Install necessary protobuf tools.

go install google.golang.org/protobuf/cmd/protoc-gen-go \
google.golang.org/grpc/cmd/protoc-gen-go-grpc \
github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-grpc-gateway

Also make sure that $HOME/go/bin is on your $PATH and build:

go generate ./...
go build ./...

To test, start the engine with an in-memory DB

./engine --db-in-memory

Alternatively, be sure to start a postgre DB:

docker run -e POSTGRES_HOST_AUTH_METHOD=trust -d -p 5432:5432 postgres

Directories ¶

Path	Synopsis
cmd
engine
persistence
rest
service
auth

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL