Clouditor is a tool which supports continuous cloud assurance. Its main goal is to continuously evaluate if a cloud-based application (built using, e.g., Amazon Web Services (AWS) or Microsoft Azure) is configured in a secure way and thus complies with security requirements defined by, e.g., Cloud Computing Compliance Controls Catalogue (C5) issued by the German Office for Information Security (BSI) or the Cloud Control Matrix (CCM) published by the Cloud Security Alliance (CSA).
Clouditor currently supports over 60 checks for Amazon Web Services (AWS), Microsoft Azure and OpenStack. Results of these checks are evaluated against security requirements of the BSI C5 and CSA CCM.
Key features are:
To run the Clouditor in a demo-like mode, with no persisted database:
docker run -p 9999:9999 clouditor/clouditorTo enable auto-discovery for AWS or Azure credentials stored in your home folder, you can use:
docker run -v $HOME/.aws:/root/.aws -v $HOME/.azure:/root/.azure -p 9999:9999 clouditor/clouditorThen open a web browser at http://localhost:9999. Login with user clouditor and the default password clouditor.
We use Google Java Style as a formatting. Please install the appropriate plugin for your IDE.
You can use the hook in style/pre-commit to check for formatting errors:
cp style/pre-commit .git/hooksTo build the Clouditor, you can use the following gradle commands:
./gradlew clean buildTo build all necessary docker images, run the following command:
./gradlew docker