Skip to content

ibrahimelothmani/AI-Security-Scanner-for-AWS-S3

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
Schedule.png
Schedule.png
 
 
architecture.png
architecture.png
 
 
requirements.txt
requirements.txt
 
 
s3_scanner.py
s3_scanner.py
 
 

Repository files navigation

AI S3 Security Scanner

AI S3 Security Scanner is a serverless AWS security monitoring system. It automatically scans S3 buckets for encryption settings, leverages Gemini AI to analyze security risks, and provides intelligent security insights.

🚀 Key Features

  • Automated S3 Scanning: Periodically checks all S3 buckets in your account for server-side encryption.
  • AI-Powered Analysis: Uses Google Gemini AI (gemini-2.0-flash-exp) to explain the security implications of unencrypted buckets.
  • Actionable Insights: Provides clear, human-readable recommendations for immediate security remediation.
  • Serverless Architecture: Built with AWS Lambda for cost-effectiveness and scalability.
  • Automated Scheduling: Configured to run automatically every 12 hours using Amazon EventBridge.

🏗️ Architecture

The system follows a serverless architecture as shown below:

Architecture

  1. EventBridge: Triggers the Lambda function on a schedule.
  2. Lambda Function: Executes the s3_scanner.py script.
  3. S3: The target of the security scan.
  4. Gemini AI: Analyzes the findings and generates a security report.

📋 Prerequisites

  • AWS Account with appropriate permissions (S3 Read, Lambda Execution).
  • Python 3.9+ environment.
  • Google Gemini API Key.

🛠️ Installation & Setup

  1. Clone the Repository:

    git clone <repository-url>
cd AI-Security-Scanner-for-AWS-S3

  2. Install Dependencies: Install the required Python packages:

    pip install -r requirements.txt -t package/

  3. Configure Environment Variables: Set your Gemini API key:

    export GOOGLE_API_KEY="your-google-api-key"

  4. Deploy to AWS Lambda:

    • Package the code and dependencies into s3_scanner.zip.
    • Upload the ZIP file to AWS Lambda.
    • Set the GOOGLE_API_KEY environment variable in the Lambda configuration.

  5. Schedule Scans: Create an EventBridge rule to trigger the Lambda function every 12 hours.

🔍 Usage

Once deployed, the Lambda function will run automatically. You can also trigger it manually from the AWS Console to see the results immediately in the CloudWatch logs.

Architecture

🛡️ Security Remediation

The AI analysis will categorize findings and suggest immediate actions, such as enabling AES256 or aws:kms encryption on vulnerable buckets.

Developed as an AI-enhanced security utility for AWS infrastructure.

About

In this project, you'll build a similar security monitoring system: a serverless Lambda function that scans S3 bucket encryption, sends its findings to Gemini AI for analysis, and shows you intelligent security insights. Then we'll schedule it to run automatically every 12 hours using EventBridge.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages