Convert Figma logo to code with AI

iann0036 logoAWSConsoleRecorder

Records actions made in the AWS Management Console and outputs the equivalent CLI/SDK commands and CloudFormation/Terraform templates.

1,425
87
1,425
29
View on GitHub

Top Related Projects

duo-labs's avatar

cloudmapper

5,953

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

nccgroup's avatar

ScoutSuite

6,580

Multi-Cloud Security Auditing Tool

Netflix's avatar

security_monkey

4,350

Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

salesforce's avatar

cloudsplaining

1,961

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

prowler-cloud's avatar

prowler

10,522

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

Quick Overview

AWSConsoleRecorder is a Chrome extension that records actions performed in the AWS Management Console and generates equivalent AWS CLI commands or CloudFormation/Terraform templates. This tool helps users translate manual AWS console operations into reproducible infrastructure-as-code or CLI commands, facilitating automation and documentation of AWS resource management.

Pros

  • Automatically generates AWS CLI commands and infrastructure-as-code templates from console actions
  • Supports multiple output formats including CloudFormation, Terraform, and CLI commands
  • Helps bridge the gap between manual console operations and infrastructure-as-code practices
  • Useful for learning AWS CLI commands and IaC syntax corresponding to console actions

Cons

  • Limited to Chrome browser as an extension
  • May not capture all possible AWS console actions or complex scenarios
  • Generated code might require manual adjustments for production use
  • Depends on the structure and functionality of the AWS Management Console, which may change over time

Getting Started

  1. Install the Chrome extension from the Chrome Web Store.
  2. Open the AWS Management Console in Chrome and log in.
  3. Click on the AWSConsoleRecorder extension icon to start recording.
  4. Perform actions in the AWS Console as usual.
  5. Click the extension icon again to stop recording and view the generated code.
  6. Choose the desired output format (CLI, CloudFormation, or Terraform) and copy the generated code.

Note: Always review and test the generated code before using it in production environments.

Competitor Comparisons

duo-labs logo

cloudmapper

5,953

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

Pros of CloudMapper

  • Provides comprehensive visualization of AWS environments, including network topology and security groups
  • Offers security auditing capabilities, helping identify potential vulnerabilities and misconfigurations
  • Supports multiple AWS accounts and regions, allowing for a holistic view of complex infrastructures

Cons of CloudMapper

  • Requires more setup and configuration compared to AWSConsoleRecorder
  • May have a steeper learning curve due to its broader feature set
  • Focuses on analysis and visualization rather than real-time action recording

Code Comparison

CloudMapper (Python):

from cloudmapper.nodes import Account, Region
from cloudmapper.prepare import build_data_structure

account = Account(None, 'demo')
region = Region(account, 'us-west-2')
build_data_structure(account, region, args)

AWSConsoleRecorder (JavaScript):

chrome.webRequest.onBeforeRequest.addListener(
  function(details) {
    if (details.method == "POST") {
      // Process and record AWS Console actions
    }
  },
  {urls: ["https://*.console.aws.amazon.com/*"]}
);

While CloudMapper focuses on analyzing and visualizing AWS environments, AWSConsoleRecorder is designed to capture and record user actions in the AWS Console in real-time. CloudMapper offers a more comprehensive view of AWS infrastructure but requires more setup, whereas AWSConsoleRecorder provides immediate action recording with minimal configuration.

nccgroup logo

ScoutSuite

6,580

Multi-Cloud Security Auditing Tool

Pros of ScoutSuite

  • Comprehensive security auditing tool for multiple cloud providers (AWS, Azure, GCP, etc.)
  • Generates detailed HTML reports with security findings and recommendations
  • Supports customizable rulesets for tailored security assessments

Cons of ScoutSuite

  • Requires more setup and configuration compared to AWSConsoleRecorder
  • May have a steeper learning curve for users unfamiliar with security auditing tools
  • Focuses on security auditing rather than action recording and playback

Code Comparison

AWSConsoleRecorder:

chrome.webRequest.onBeforeRequest.addListener(
  function(details) {
    if (details.method == "POST" && details.requestBody) {
      // Process and record AWS Console actions
    }
  },
  {urls: ["https://*.console.aws.amazon.com/*"]},
  ["requestBody"]
);

ScoutSuite:

from ScoutSuite.core.cli_parser import ScoutSuiteArgumentParser
from ScoutSuite.core.console import set_logger_configuration, print_info
from ScoutSuite.core.ruleset import Ruleset
from ScoutSuite.core.processingengine import ProcessingEngine

# Initialize and run ScoutSuite security assessment

ScoutSuite is a more comprehensive security auditing tool for multiple cloud providers, while AWSConsoleRecorder focuses specifically on recording and replaying AWS Console actions. ScoutSuite offers detailed security reports and customizable rulesets but requires more setup. AWSConsoleRecorder is simpler to use for its specific purpose of action recording in the AWS Console.

Netflix logo

security_monkey

4,350

Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

Pros of security_monkey

  • Comprehensive security monitoring and auditing across multiple cloud providers
  • Extensive rule-based policy enforcement and alerting capabilities
  • Active community support and regular updates from Netflix

Cons of security_monkey

  • More complex setup and configuration process
  • Requires additional infrastructure to run and maintain
  • Steeper learning curve for new users

Code Comparison

AWSConsoleRecorder:

def record_action(event):
    action = {
        'service': event['service'],
        'action': event['action'],
        'parameters': event['parameters']
    }
    save_to_database(action)

security_monkey:

class AWSIAMPolicy(ChangeItem):
    def __init__(self, account=None, name=None, arn=None, config={}):
        super(AWSIAMPolicy, self).__init__(
            index=AWSIAMPolicy.index,
            region='universal',
            account=account,
            name=name,
            arn=arn,
            new_config=config)

AWSConsoleRecorder focuses on recording individual AWS Console actions, while security_monkey provides a more comprehensive security monitoring solution with custom policy definitions and multi-cloud support. AWSConsoleRecorder is simpler to set up and use, making it ideal for quick auditing tasks, whereas security_monkey offers more advanced features but requires more resources and expertise to implement effectively.

salesforce logo

cloudsplaining

1,961

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

Pros of Cloudsplaining

  • Focuses specifically on IAM policy analysis and security assessment
  • Provides detailed reports on potential security risks and misconfigurations
  • Offers a web-based interface for easy visualization of results

Cons of Cloudsplaining

  • Limited to IAM policy analysis, while AWSConsoleRecorder covers a broader range of AWS services
  • Requires manual input of IAM policies, whereas AWSConsoleRecorder can automatically capture actions
  • Less real-time monitoring capability compared to AWSConsoleRecorder

Code Comparison

Cloudsplaining:

from cloudsplaining.scan.policy_document import PolicyDocument
policy = PolicyDocument(policy_dict)
findings = policy.analyze_policy_document()

AWSConsoleRecorder:

chrome.webRequest.onBeforeRequest.addListener(
  function(details) {
    if (details.method == "POST") {
      // Process and record AWS API calls
    }
  },
  {urls: ["https://*.amazonaws.com/*"]}
);

Cloudsplaining focuses on analyzing IAM policies, while AWSConsoleRecorder captures and records AWS API calls made through the console. The code snippets reflect their different approaches, with Cloudsplaining using Python for policy analysis and AWSConsoleRecorder using JavaScript for browser-based request interception.

prowler-cloud logo

prowler

10,522

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

Pros of Prowler

  • Comprehensive AWS security assessment tool with over 240 checks
  • Supports multiple AWS services and compliance frameworks (CIS, GDPR, HIPAA, etc.)
  • Active development and community support

Cons of Prowler

  • More complex setup and usage compared to AWSConsoleRecorder
  • Requires AWS CLI and additional dependencies
  • May generate large amounts of data, potentially overwhelming for small teams

Code Comparison

AWSConsoleRecorder:

chrome.webRequest.onBeforeRequest.addListener(
  function(details) {
    if (details.method == "POST") {
      // Process and record AWS Console actions
    }
  },
  {urls: ["https://*.console.aws.amazon.com/*"]},
  ["requestBody"]
);

Prowler:

./prowler -p custom-profile -r us-east-1 -M csv,json -F -f us-east-1

Summary

AWSConsoleRecorder is a browser extension that records AWS Console actions, making it easy to generate CloudFormation templates. Prowler is a comprehensive security assessment tool for AWS environments. While AWSConsoleRecorder focuses on capturing user actions for infrastructure-as-code purposes, Prowler provides in-depth security analysis and compliance checks across multiple AWS services.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

Console Recorder for AWS

CloudFormation Terraform SDK/CLI

Check out Former2 for a better maintained, more flexible solution

Records actions made in the AWS Management Console and outputs the equivalent CLI/SDK commands and CloudFormation/Terraform templates.

Screenshot

Installation

Google Chrome

You can download the extension from the Chrome Web Store or load the extension manually via chrome://extensions/.

Mozilla Firefox

You can download the extension from Firefox Add-ons or load the extension manually via about:addons. If loaded manually, replace the manifest.json file with the firefoxManifest.json file before loading.

Usage

Click the orange Console Recorder for AWS icon in the top-right corner of your browser window. If you do not see it, you may find it by clicking the three vertical dots and checking the top row. Once the popup is presented, click the Start Recording button.

Screenshot

All supported actions will be recorded up until the point in which you click the icon again and select the Stop Recording button, at which point you will be presented with the dashboard for you to copy code from.

The following outputs are currently supported:

  • Boto3 (Python) SDK
  • CloudFormation
  • HashiCorp Terraform
  • Troposphere
  • CDK (TypeScript)
  • AWS CLI (v1)
  • IAM Policy
  • JavaScript SDK
  • Go SDK (v1)

Settings

In the Settings section, there are a number of options you can set. These options take effect as soon as you change them.

Block Mutable Requests

This option will stop any mutable requests (most things that aren't a Get* or List* action) from executing in the console, whilst still logging the generated outputs in the dashboard.

Intercept Responses

This option will record the response body from all AWS calls. Setting this allows CloudFormation, CDK, Troposphere and Terraform to correlate actions between resources. For example, CloudFormation will use the !Ref and !GetAtt intrinsic functions to reference resource identifiers within the template.

:warning: Note: When Intercept Responses is set in Google Chrome, a notification telling you the extension is debugging the browser is shown for the duration of the recording for security purposes.

Security

Network data from the AWS Management Console is recorded and information is extracted from the requests and responses. Recording data is kept entirely in memory or on local disk and is never sent over the internet or anywhere else. You should take care to remove any sensitive data (passwords etc.) when sharing your generated code/templates with others.

Coverage

Not all actions and resources are supported yet, check this page for an up-to-date overview of supported actions and resources. This page is automatically generated.

Bugs

Given the nature of the extension, and the frequency in which the AWS team make updates, bugs will be frequent and inevitable. If you find these bugs, check the issues page to see if it has already been raised and if not, feel free to raise it.