dollhouse: a tool to audit Google Cloud Platform (GCP)
Dollhouse
Dollhouse is a tool to audit Google Cloud Platform (GCP). As there are many components in GCP, it aims to be the one tool that can audit the whole platform for you. It can be used by Security Engineers and DevOps engineers to monitor the whole organization infrastructure. Dollhouse is also able to send alerts based on pre-configured events.
High-Level Architecture
Currently supports:
- Firewall Rules
- IAM Roles
- Service Accounts
To run the audit, you can choose what you want to check (Firewall, IAM) by adding the required arguments This script can be run on your local machine with your own user. It will fetch the projects that your account has access to. Ideally, you should create an account/serviceaccount which has organization-level viewer access so that it becomes easier to run on all the projects.
Dollhouse-bot
Dollhouse-bot is a slack bot which gives instant alerts on slack to custom events that you have set. This bot leverages Google Stackdriver Logging & Monitoring to check for events in a GCP Project.
Install && Use
Copyright 2019 security
