← Home

Running automated security checks on AWS using Scout2 in a Docker container

I came across this tool [0] and thought I’d give it a try out.

First, I created a new user in my AWS environment and applied the ReadOnly and SecurityAudit roles to it.

Then I decided to run the script in a Docker container. I’ve included instructions here in case you want to do the same.

FROM python:3.7-alpine3.7
RUN pip install awsscout2
VOLUME ["/report"]
CMD /usr/local/bin/Scout2 --report-dir /report

The end result is a very useful static HTML report. Of course, it flagged some false positives, but is a good data point on how the environment is set up.