Skip to content
Evidence Collection

Evidence Collection #21

Sign in to view logs

Evidence Collection

Evidence Collection #21

Workflow file for this run

.github/workflows/aws.yml at ba8dd6c
name: Evidence Collection
on:
workflow_dispatch:
env:
AWS_REGION : "us-east-1"
CI_COMMIT_MESSAGE: AWS Evidence Collected
permissions:
id-token: write
contents: write
pull-requests: write
jobs:
aws-evidence:
runs-on: ubuntu-latest
steps:
- name: Git clone the repository
uses: actions/checkout@v4
- name: Configure AWS credentials with OIDC
uses: aws-actions/configure-aws-credentials@v3
with:
role-to-assume: arn:aws:iam::145023120730:role/elevated-standards
role-session-name: evidencecollection
aws-region: ${{ env.AWS_REGION }}
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install boto3
- name: Debug Environment Variables
run: |
echo "AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}"
echo "AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}"
echo "AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN}"
echo "AWS_REGION=${AWS_REGION}"
- name: PREP
run: |
bash utils/date.sh
mkdir -p $GITHUB_WORKSPACE/evidence-artifacts/systems/aws/{YEAR}/
- name: Run evidence collection script
run: |
export PYTHONPATH="$PYTHONPATH:$(pwd)/src"
python src/services/aws/automation.services.py
python src/services/aws/certificatesandkey.services.py
python src/services/aws/cloudprefix.services.py
python src/services/aws/containers.services.py
python src/services/aws/dataandstorage.services.py
python src/services/aws/disaster.services.py
python src/services/aws/networking.services.py
python src/services/aws/security.services.py
# python src/services/aws/simpleemail.services.py
- name: Commit and Push Results
run: |
git config --local user.name "GitHub Actions"
git config --local user.email "[email protected]"
git add -A
git commit -m "${{ env.CI_COMMIT_MESSAGE }}"
git push origin HEAD:${{ github.ref }}