by aka1234 2221 days ago
One thing people have to keep in mind when running these kinds of tools is they make tons of API calls. Depending on how you have things set up, using these tools can drastically increase your CloudTrail bill.

Also, they'll often make calls against non-existent resources or run into permissions issues. So it can clutter your CloudTrail with API errors, making actual API errors harder to locate.

1 comments

note - I'm the project's maintainer

You're correct about the API calls & potential CloudTrail costs.

Regarding making calls to non-existent resources, that doesn't tend to be an issue. Typically we start by making a call to whatever endpoint lists resources, and then fetch additional information for these resources.

As for permissions, the wiki (https://github.com/nccgroup/ScoutSuite/wiki) has guidance towards the required privileges (including a minimal policy for AWS - https://github.com/nccgroup/ScoutSuite/wiki/AWS-Minimal-Priv...)
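
One way to keep audit-tool errors from hiding other API errors in CloudTrail, as an added example that is not part of the thread or the project's code: it assumes the tool runs under its own dedicated IAM role, and the role ARN, account ID and records below are constructed for illustration.

```python
from collections import Counter

# Assumption: the audit tool runs under a dedicated role (hypothetical ARN).
AUDIT_ROLE_ARN = "arn:aws:iam::111122223333:role/scout-audit"

def _identity(role):
    """Build a constructed assumed-role userIdentity block for a role name."""
    return {"type": "AssumedRole",
            "arn": f"arn:aws:sts::111122223333:assumed-role/{role}/session",
            "sessionContext": {"sessionIssuer": {
                "type": "Role",
                "arn": f"arn:aws:iam::111122223333:role/{role}"}}}

def _record(role, source, name, error=None):
    """Build a constructed CloudTrail record, trimmed to the fields used here."""
    rec = {"userIdentity": _identity(role), "eventSource": source, "eventName": name}
    if error:
        rec["errorCode"] = error  # CloudTrail omits errorCode on successful calls
    return rec

# Constructed sample: three failed scanner calls, one successful, one unrelated failure.
SAMPLE = [
    _record("scout-audit", "s3.amazonaws.com", "GetBucketPolicy", "NoSuchBucketPolicy"),
    _record("scout-audit", "s3.amazonaws.com", "GetBucketPolicy", "NoSuchBucketPolicy"),
    _record("scout-audit", "kms.amazonaws.com", "DescribeKey", "AccessDenied"),
    _record("scout-audit", "ec2.amazonaws.com", "DescribeInstances"),
    _record("app-backend", "secretsmanager.amazonaws.com", "GetSecretValue", "AccessDenied"),
]

def principal_arn(record):
    """Return the issuing role ARN for assumed-role sessions, else the caller ARN."""
    ident = record.get("userIdentity", {})
    issuer = ident.get("sessionContext", {}).get("sessionIssuer", {})
    return issuer.get("arn") or ident.get("arn", "")

def triage_errors(records, audit_role_arn=AUDIT_ROLE_ARN):
    """Split failed calls into scanner noise (counted) and errors to review."""
    scanner_noise, other_errors = Counter(), []
    for rec in records:
        code = rec.get("errorCode")
        if not code:
            continue  # successful call, not an error
        if principal_arn(rec) == audit_role_arn:
            scanner_noise[(rec["eventSource"], rec["eventName"], code)] += 1
        else:
            other_errors.append(rec)
    return scanner_noise, other_errors

if __name__ == "__main__":
    noise, review = triage_errors(SAMPLE)
    print("scanner noise:", dict(noise))
    print("errors to review:", [(r["eventSource"], r["eventName"]) for r in review])
```

The per-call counts of scanner errors also show which permissions or resources the audit role keeps tripping over, which can be compared against the minimal policy the wiki describes.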