From 960ef4dba05df21a37745844a1c1a7a7face7f1b Mon Sep 17 00:00:00 2001 From: Taylor Date: Wed, 11 Oct 2023 11:24:59 -0700 Subject: [PATCH] Remove BC --- CODE_OF_CONDUCT.md | 2 +- LICENSE | 2 +- README.md | 13 ++--- RecommendedIntegrations.md | 53 ------------------- airiam/Reporter.py | 7 --- .../BaseEntityTransformer.py | 2 +- docs/documentation.md | 15 ------ docs/index.html | 36 +------------ setup.py | 2 - 9 files changed, 7 insertions(+), 125 deletions(-) delete mode 100644 RecommendedIntegrations.md diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index 9de3c1d..e0857c2 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -55,7 +55,7 @@ further defined and clarified by project maintainers. ## Enforcement Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at support@bridgecrew.io. All +reported by contacting Palo Alto Networks. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. diff --git a/LICENSE b/LICENSE index eda91ad..6dab8a3 100644 --- a/LICENSE +++ b/LICENSE @@ -186,7 +186,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2019 Bridgecrew + Copyright 2019 Palo Alto Networks Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/README.md b/README.md index 9be7e1e..adc15b5 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,8 @@ -[![Maintained by Bridgecrew.io](https://img.shields.io/badge/maintained%20by-bridgecrew.io-blueviolet)](https://bridgecrew.io) [![code_coverage](https://raw.githubusercontent.com/bridgecrewio/AirIAM/master/coverage.svg?sanitize=true)](https://github.com/bridgecrewio/AirIAM/actions?query=workflow%3Abuild-and-test) ![Terraform Version](https://img.shields.io/badge/tf-%3E%3D0.12.0-blue.svg) [![build](https://github.com/bridgecrewio/AirIAM/workflows/build/badge.svg)](https://github.com/bridgecrewio/airiam/actions?query=workflow%3Abuild) [![PyPI](https://img.shields.io/pypi/v/airiam)](https://pypi.org/project/airiam/) [![Downloads](https://pepy.tech/badge/airiam)](https://pepy.tech/project/airiam) -[![slack-community](https://slack.bridgecrew.io/badge.svg)](https://slack.bridgecrew.io/?utm_source=github&utm_medium=organic_oss&utm_campaign=airiam)

@@ -46,8 +44,6 @@ By moving all IAM configurations into Terraform code, admins can start tracking, AirIAM is battle-tested and is recommended for use in Dev, QA and test environments that have been previously managed by humans. It is design to result in minimal impact on existing workloads. -If you are interested in migrating a Prod account, contact us at info@bridgecrew.io for some helpful tips. - ![flow](images/ComponentDiagram.png) ## Features @@ -60,8 +56,7 @@ If you are interested in migrating a Prod account, contact us at info@bridgecrew ## Commands -- `find_unused` - Detects unused users, roles, groups, policies and policy attachments. It also adds links to automation scripts that could remove these entities entirely using Bridgecrew Community. [Learn more - about these scripts and automation](RecommendedIntegrations.md). +- `find_unused` - Detects unused users, roles, groups, policies and policy attachments. ```shell script usage: airiam find_unused [-h] [-p PROFILE] [-l LAST_USED_THRESHOLD] [--no-cache] [-o {cli}] @@ -228,8 +223,6 @@ We would love to hear about other IAM governance models for additional use cases ## Support -[Bridgecrew](https://bridgecrew.io) builds and maintains AirIAM to encourage the adoption of IAM-as-code and enforcement of IAM Rightsizing and Least Privileges best practices in policy-as-code. - -Start with our [Documentation](https://bridgecrewio.github.io/airiam/) for quick tutorials and examples. +Start with our [Documentation](https://airiam.io/documentation) for quick tutorials and examples. -If you need direct support you can contact us at info@bridgecrew.io. +If you still need support you can leverage our [community Slack](https://codifiedsecurity.slack.com/). diff --git a/RecommendedIntegrations.md b/RecommendedIntegrations.md deleted file mode 100644 index 59deb06..0000000 --- a/RecommendedIntegrations.md +++ /dev/null @@ -1,53 +0,0 @@ -# Recommended Integrations -Recommended integrations with AirIAM: -1. [Bridgecrew Cloud](#integration-with-bridgecrew-cloudhttpswwwbridgecrewcloud) -2. [Checkov](#integration-with-checkov) - -## Integration with [Bridgecrew cloud](https://www.bridgecrew.cloud) -To remove entities en-masse in a simple-to-use, time-efficient manner, we recommend utilizing the free community version -of `Bridgecrew`'s platform, [Bridgecrew Cloud](https://www.bridgecrew.cloud). - -The setup will contain 3 steps: -1. [Configuring a new customer with Bridgecrew](#configuring-a-new-customer-with-bridgecrew) -2. [Granting Bridgecrew READ ONLY access to your AWS account](#granting-bridgecrew-read-only-access) -3. [Finding the relevant automations](#finding-the-relevant-automations) - -### Configuring a new customer with Bridgecrew -To configure a new customer with `Bridgecrew`, simply go to [Bridgecrew Cloud](https://www.bridgecrew.cloud) and use one -of the signup methods to create a new user - Google, Github and regular email-based authentication is supported. - -### Granting Bridgecrew READ ONLY access -To grant `Bridgecrew` access to your account it is required to deploy a [CloudFormation stack](#deploying-using-cloudformation) - / [terraform module](#deploying-using-terraform) in the -target account. - -#### Deploying using CloudFormation -To deploy using CloudFormation: -1. Log into your AWS account. No need to keep that tab open. -2. Log into [Bridgecrew Cloud](https://www.bridgecrew.cloud) -3. Go to `Integrations` tab, select the `AWS Read Access` integration -4. Click `ADD ACCOUNT` and then `LAUNCH STACK` - -#### Deploying using Terraform -To deploy using Terraform, import [our module](https://registry.terraform.io/modules/bridgecrewio/bridgecrew-read-only/) - from the terraform registry and insert the relevant parameters: - ```hcl-terraform -module "bridgecrew-read-only" { - source = "bridgecrewio/bridgecrew-read-only/aws" - version = "0.3.1" // Please make sure this is the latest release! - customer_name = "acme" // Should be the customer name as registered when signing up - aws_profile = "dev" // If using a default set of credentials, should be set to null -} -``` - -### Finding the relevant automations -When running the following command: -```shell script -airiam remove_unused [-p PROFILE] [-l LAST_SEEN_THRESHOLD] -``` -The expected output will be the unused entities, together with links to `Bridgecrew`s playbooks. Clicking these links -will redirect you to your [Bridgecrew Cloud](https://www.bridgecrew.cloud) account, where you can see the remediation -script, download and use it. - -## Integration with Checkov -[Checkov](https://www.checkov.io) allows static analysis of terraform code (as well as cloudformation) diff --git a/airiam/Reporter.py b/airiam/Reporter.py index 65fe640..61a12a6 100644 --- a/airiam/Reporter.py +++ b/airiam/Reporter.py @@ -115,19 +115,12 @@ def report_unused(runtime_results: RuntimeReport) -> None: print() - print('If you prefer to to change the current runtime and not move to IaC but the number of entities above is intimidating - consider using ' - 'our playbooks, available at: ') - print('https://www.bridgecrew.io/') - @staticmethod def print_prelude(): print(colored(banner, 'yellow')) print() print(colored('AirIAM - Least privilege AWS IAM Terraformer', attrs=['bold'])) print() - print(f'To continuously scan configurations, try the {colored("Bridgecrew", "magenta", attrs=["bold"])} free community plan.') - print('https://www.bridgecrew.io') - print() @staticmethod def report_groupings(report_with_recommendations: RuntimeReport): diff --git a/airiam/terraform/entity_terraformers/BaseEntityTransformer.py b/airiam/terraform/entity_terraformers/BaseEntityTransformer.py index 504517c..b9b6da4 100644 --- a/airiam/terraform/entity_terraformers/BaseEntityTransformer.py +++ b/airiam/terraform/entity_terraformers/BaseEntityTransformer.py @@ -37,7 +37,7 @@ def safe_name_converter(name_str: str) -> str: def transform_tags(entity_json: dict): tags = entity_json.get('Tags', []) tags.extend([ - {"Key": "Managed by", "Value": "AirIAM by Bridgecrew"}, + {"Key": "Managed by", "Value": "AirIAM"}, {"Key": "Managed through", "Value": "Terraform"} ]) tag_str = "\n".join(map(lambda tag: f" \"{tag['Key']}\" = \"{tag['Value']}\"", tags)) diff --git a/docs/documentation.md b/docs/documentation.md index ee042c7..9e24713 100644 --- a/docs/documentation.md +++ b/docs/documentation.md @@ -38,9 +38,6 @@ v0.1.22 AirIAM - Least privilege AWS IAM Terraformer -To continuously scan configurations, try the Bridgecrew free community plan. -https://www.bridgecrew.io - usage: airiam [-h] [-v] {find_unused,recommend_groups,terraform} ... optional arguments: @@ -82,9 +79,6 @@ v0.1.22 AirIAM - Least privilege AWS IAM Terraformer -To continuously scan configurations, try the Bridgecrew free community plan. -https://www.bridgecrew.io - INFO:botocore.credentials:Found credentials in shared credentials file: ~/.aws/credentials Reusing local data Identifying unused IAM entities in the account... @@ -114,9 +108,6 @@ unattached-policy is not attached to any user, group or role The following 1 policy attachments are unused: Policy attached but not used: s3-user1 is not using the privileges given by arn:aws:iam::000000000000:policy/sts-policy -If you prefer to to change the current runtime and not move to IaC but the number of entities above is intimidating - consider using our playbooks, available at: -https://www.bridgecrew.io/ - ``` ## Sample: Recommend IAM grouping (CLI) @@ -145,9 +136,6 @@ v0.1.22 AirIAM - Least privilege AWS IAM Terraformer -To continuously scan configurations, try the Bridgecrew free community plan. -https://www.bridgecrew.io - INFO:botocore.credentials:Found credentials in shared credentials file: ~/.aws/credentials Reusing local data INFO:root:Analyzing data for account 000000000000 @@ -175,9 +163,6 @@ v0.1.22 AirIAM - Least privilege AWS IAM Terraformer -To continuously scan configurations, try the Bridgecrew free community plan. -https://www.bridgecrew.io - INFO:botocore.credentials:Found credentials in shared credentials file: ~/.aws/credentials Reusing local data Filtered arn:aws:iam::000000000000:user/nimrod from the analysis diff --git a/docs/index.html b/docs/index.html index 75f9c4d..ea45d9a 100644 --- a/docs/index.html +++ b/docs/index.html @@ -166,9 +166,6 @@

- - Try Bridgecrew -
@@ -310,44 +307,13 @@

Join our community and stay up to date

Talk to us on SlackTalk to us on SlackContribute on Github
diff --git a/setup.py b/setup.py index 3fb8b69..8ebb152 100644 --- a/setup.py +++ b/setup.py @@ -43,8 +43,6 @@ name="airiam", version=version, description="Least privilege AWS IAM Terraformer", - author="bridgecrew", - author_email="meet@bridgecrew.io", url="https://github.com/bridgecrewio/AirIAM", packages=setuptools.find_packages(exclude=["tests*"]), scripts=["bin/airiam","bin/airiam.cmd"],