Create serverSideEncryption.py

Custom script for finding AWS S3 Buckets without Server Side Encryption enabled
Dodain · Dec 21, 2018 · 9936d5b · 9936d5b
1 parent 90eef9a
commit 9936d5b
Showing 1 changed file with 26 additions and 0 deletions.
diff --git a/S3/serverSideEncryption.py b/S3/serverSideEncryption.py
@@ -0,0 +1,26 @@
+import os
+import subprocess
+import json
+
+def writeIntoFile(filename, stdout, method='w+'):
+	with open(filename, method) as f: f.write(stdout)
+
+writeIntoFile("S3_Buckets_Without_ServerSideEncryption_Enabled.csv", "S3 Bucket,ServerSide Encryption\n", method='w+')
+
+command 	= ["aws", "s3api", "list-buckets", "--query", "Buckets[*].Name"]
+command 	= subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+out, err 	= command.communicate()
+out 		= json.loads(out)
+
+for buckets in out:
+	command 	= ["aws", "s3api", "get-bucket-encryption", "--bucket", buckets]
+	command 	= subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+	out, err 	= command.communicate()
+
+	if out == '':
+		print("Bucket: " + buckets + "\n" + "ServerSideEncryptionConfiguration: " + "False" + "\n")
+		writeIntoFile("S3_Buckets_Without_ServerSideEncryption_Enabled.csv", "{},{}\n".format(buckets, "false"), method='a+')
+
+	else:
+		print("Bucket: " + buckets + "\n" + "ServerSideEncryptionConfiguration: " + "True" + "\n")
+		writeIntoFile("S3_Buckets_Without_ServerSideEncryption_Enabled.csv", "{},{}\n".format(buckets, "true"), method='a+')