A honey token manager and alert system for AWS.

Last update: Nov 09, 2022

Overview

SpaceSiren

SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage honey tokens at scale -- up to 10,000 per SpaceSiren instance -- at close to no cost.¹

How It Works

SpaceSiren provides an API to create no-permission AWS IAM users and access keys for those users.
You sprinkle the access keys wherever you like, for example in proprietary code or private data stores.
If one of those sources gets breached, an attacker is likely to use the stolen key to see what they can do with it.
You will receive an alert that someone attempted to use the key.

Alert Outputs

Email
PagerDuty
Slack
Pushover

Documentation Pages

Requirements

As with any open source project, this one assumes you have the required foundational tools and knowledge, mainly in AWS and Terraform.

Resources

Terraform >= 0.13
AWS CLI
A dedicated AWS account with admin access
A registered domain

Knowledge

Basic Terraform
Basic REST API
Basic AWS CLI, S3, and Route 53
Basic AWS Organizations and IAM Roles for cross-account access
Intermediate DNS (delegating a (sub)domain with NS records)

Contact

If you notice a critical security bug (e.g., one that would grant real access to an AWS account), please responsibly disclose it via email at [email protected].

For standard bugs or feature requests, please open a GitHub issue.

Attributions

Special thanks to:

Atlassian for Project SpaceCrab, the inspiration for this project. If you want to read about why I started SpaceSiren, please see my SpaceCrab critique page.
The wonderful and talented Alia Mancisidor for the artwork.
Anyone who volunteered to test this application for me.

Footnotes

While SpaceSiren was designed to run as cheaply as possible, even for individuals, it will not be entirely free of operating costs. You will incur nominal costs for DynamoDB, Lambda, API Gateway, Route 53, and perhaps CloudTrail, depending on your configuration. You should expect to spend between $1 and $5 per month to run SpaceSiren. Of course, the project's maintainers are not responsible for any actual costs you incur. Please closely monitor your AWS bill while it is in use.

Supervisor process control system for UNIX

Supervisor Supervisor is a client/server system that allows its users to control a number of processes on UNIX-like operating systems. Supported Platf

7.6k Dec 31, 2022

DC/OS - The Datacenter Operating System

DC/OS - The Datacenter Operating System The easiest way to run microservices, big data, and containers in production. What is DC/OS? Like traditional

2.3k Jan 6, 2023

A system for managing CI data for Mozilla projects

Treeherder Description Treeherder is a reporting dashboard for Mozilla checkins. It allows users to see the results of automatic builds and their resp

235 Dec 22, 2022

Bitnami Docker Image for Python using snapshots for the system packages repositories

Python Snapshot packaged by Bitnami What is Python Snapshot? Python is a programming language that lets you work quickly and integrate systems more ef

1 Jan 13, 2022

Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy and maintain. Automate everything from code deployment to network configuration to cloud management, in a language that approaches plain English, using SSH, with no agents to install on remote systems. https://docs.ansible.com.

Ansible Ansible is a radically simple IT automation system. It handles configuration management, application deployment, cloud provisioning, ad-hoc ta

55.9k Jan 4, 2023

Iris is a highly configurable and flexible service for paging and messaging.

Iris Iris core, API, UI and sender service. For third-party integration support, see iris-relay, a stateless proxy designed to sit at the edge of a pr

715 Dec 28, 2022

StackStorm (aka "IFTTT for Ops") is event-driven automation for auto-remediation, security responses, troubleshooting, deployments, and more. Includes rules engine, workflow, 160 integration packs with 6000+ actions (see https://exchange.stackstorm.org) and ChatOps. Installer at https://docs.stackstorm.com/install/index.html. Questions? https://forum.stackstorm.com/.

StackStorm is a platform for integration and automation across services and tools, taking actions in response to events. Learn more at www.stackstorm.

5.3k Jan 2, 2023

KivyPassword - A password generator using both Kivy framework and SQL in order to create a local database for users to generate strong passwords and store them

KivyPassword A password generator using both Kivy framework and SQL in order t

1 Jan 14, 2022

pyinfra automates infrastructure super fast at massive scale. It can be used for ad-hoc command execution, service deployment, configuration management and more.

pyinfra automates/provisions/manages/deploys infrastructure super fast at massive scale. It can be used for ad-hoc command execution, service deployme

2.1k Dec 29, 2022

Comments

Multiple alert email addresses

Allow for more than one destination email address for alerts. Terraform should take a list of email addresses. They will all need to be verified in SES.

opened by khicks 0
Enhancement/Canary Resources scaffolding
Add support for canary resources:

This is the initial scaffolding, that adds an endpoint to monitor activity for given resource ARNs.

Under the current format, it only supports resources in the account where spacesiren is deployed

Will have to look into the best way to monitor arbitrary trails

TODOs:

[ ] Update documentation for the new endpoint
opened by x4v13r64 0

Releases(1.4.0)

1.4.0(Dec 19, 2021)
IMPROVEMENTS:

Update Terraform to version 1.1.2.

Provider dependency upgrades.

Source code(tar.gz)
Source code(zip)
1.3.0(Apr 15, 2021)
IMPROVEMENTS:

Update Terraform to version 0.15.

Source code(tar.gz)
Source code(zip)
1.2.1(Aug 23, 2020)
IMPROVEMENTS:

Update AWS provider to 3.3.0.

BUG FIXES:

Lambda logging permissions with the new aws_cloudwatch_log_group ARN format.

Source code(tar.gz)
Source code(zip)
1.2.0(Aug 15, 2020)
FEATURES:

Pushover support. New tfvars are alert_pushover_user_key and alert_pushover_api_key.

Test alert API endpoint: /test-alert.

IMPROVEMENTS:

Remove trimsuffix from Route 53 zone name.

Source code(tar.gz)
Source code(zip)
1.1.0(Aug 14, 2020)
IMPROVEMENTS:

Artwork!

Change directory structure. Terraform code now has its own directory.

If you previously had SpaceSiren set up, delete your functions-pkg/ directory and move the following files/dirs to the terraform/ directory:

.terraform/

terraform-local.tf

terraform.tfvars

Source code(tar.gz)
Source code(zip)
1.0.0(Aug 14, 2020)

Source code(tar.gz)
Source code(zip)

Owner

GitHub Repository

Phonebook application to manage phone numbers

PhoneBook Phonebook application to manage phone numbers. How to Use run main.py python file. python3 main.py Links Download Source Code: Click Here M

3 Jul 15, 2022

Google Kubernetes Engine (GKE) with a Snyk Kubernetes controller installed/configured for Snyk App

Google Kubernetes Engine (GKE) with a Snyk Kubernetes controller installed/configured for Snyk App This example provisions a Google Kubernetes Engine

2 Feb 09, 2022

A charmed operator for running PGbouncer on kubernetes.

operator-template Description TODO: Describe your charm in a few paragraphs of Markdown Usage TODO: Provide high-level usage, such as required config

1 Dec 01, 2022

Project 4 Cloud DevOps Nanodegree

Project Overview In this project, you will apply the skills you have acquired in this course to operationalize a Machine Learning Microservice API. Yo

1 Nov 21, 2021

Convenient tool to manage multiple VMs at once using libvirt

Convenient tool to manage multiple VMs at once using libvirt Installing To install the tool and its dependencies: pip install -e . Getting completion

13 Nov 11, 2022

Webinar oficial Zabbix Brasil. Uma série de 4 aulas sobre API do Zabbix.

Repositório de scripts do Webinar de API do Zabbix Webinar oficial Zabbix Brasil. Uma série de 4 aulas sobre API do Zabbix. Nossos encontros [x] 04/11

7 Mar 31, 2022

Define and run multi-container applications with Docker

Docker Compose Docker Compose is a tool for running multi-container applications on Docker defined using the Compose file format. A Compose file is us

28.2k Jan 08, 2023

Software to automate the management and configuration of any infrastructure or application at scale. Get access to the Salt software package repository here:

Latest Salt Documentation Open an issue (bug report, feature request, etc.) Salt is the world’s fastest, most intelligent and scalable automation engi

12.9k Jan 04, 2023

ZeroMQ bindings for Twisted

Twisted bindings for 0MQ Introduction txZMQ allows to integrate easily ØMQ sockets into Twisted event loop (reactor). txZMQ supports both CPython and

149 Dec 08, 2022

A cron monitoring tool written in Python & Django

Healthchecks Healthchecks is a cron job monitoring service. It listens for HTTP requests and email messages ("pings") from your cron jobs and schedule

5.8k Jan 02, 2023

Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy and maintain. Automate everything from code deployment to network configuration to cloud management, in a language that approaches plain English, using SSH, with no agents to install on remote systems. https://docs.ansible.com.

Ansible Ansible is a radically simple IT automation system. It handles configuration management, application deployment, cloud provisioning, ad-hoc ta

55.9k Jan 04, 2023

Hubble - Network, Service & Security Observability for Kubernetes using eBPF

Network, Service & Security Observability for Kubernetes What is Hubble? Getting Started Features Service Dependency Graph Metrics & Monitoring Flow V

2.4k Jan 04, 2023

DataOps framework for Machine Learning projects.

Noronha DataOps Noronha is a Python framework designed to help you orchestrate and manage ML projects life-cycle. It hosts Machine Learning models ins

52 Oct 30, 2022

A Habitica Integration with Github Workflows.

Habitica-Workflow A Habitica Integration with Github Workflows. How To Use? Fork (and Star) this repository. Set environment variable in Settings - S

2 Dec 20, 2021

Organizing ssh servers in one shell.

NeZha (哪吒) NeZha is a famous chinese deity who can have three heads and six arms if he wants. And my NeZha tool is hoping to bring developer such mult

8 Dec 20, 2021

Containerize a python web application

containerize a python web application introduction this document is part of GDSC at the university of bahrain you don't need to follow along, fell fre

1 Oct 19, 2021

Find-Xss - Termux Kurulum Dosyası Eklendi Eğer Hata Alıyorsanız Lütfen Resmini Çekip İnstagramdan Bildiriniz

FindXss Waf Bypass Eklendi !!! PRODUCER: Saep UPDATER: Aser-Vant Download: git c

2 Apr 17, 2022

This Docker container is build to run on a server an provide an easy to use interface for every student to vote for their councilors

This Docker container is build to run on a server and provide an easy to use interface for every student to vote for their councilors.

7 Nov 23, 2022

Dynamic DNS service

About nsupdate.info https://nsupdate.info is a free dynamic DNS service. nsupdate.info is also the name of the software used to implement it. If you l

880 Jan 04, 2023

Glances an Eye on your system. A top/htop alternative for GNU/Linux, BSD, Mac OS and Windows operating systems.

Glances - An eye on your system Summary Glances is a cross-platform monitoring tool which aims to present a large amount of monitoring information thr

22k Jan 08, 2023