AWS SECURITY AUDITING SCRIPTS
Please find the scripts below. Each one prints one CSV line per object so the output can be sorted or filtered with the usual shell tools:
1. Is_MFA_Enabled.sh
#!/bin/bash
# Lists every IAM user with the number of MFA devices registered for it.
# Output is CSV: username,mfa_device_count ; a count of 0 means the user
# can sign in with a password alone.
# Note: the root user is not returned by list-users; check it separately
# with "aws iam get-account-summary" (AccountMFAEnabled).
usernames=$(aws iam list-users --query "Users[].[UserName]" --output text)
while read -r username; do
    [ -z "$username" ] && continue   # skip the empty line an account with no users produces
    c=$(aws iam list-mfa-devices --user-name "$username" --query "length(MFADevices)" --output text)
    echo "$username,$c"
done <<< "$usernames"
2. SG_Allow_Open_Internet.sh
#!/bin/bash
# Lists security groups that have at least one inbound rule whose source is
# 0.0.0.0/0, with the number of network interfaces the group is attached to.
# Output is CSV: group_id,attached_eni_count,group_name
#   count > 0 : live exposure, attached to running resources
#   count = 0 : open but unused, can simply be deleted
# The filter only covers IPv4; re-run with
# "Name=ip-permission.ipv6-cidr,Values=::/0" to cover IPv6.
sgs=$(aws ec2 describe-security-groups --filters "Name=ip-permission.cidr,Values=0.0.0.0/0" --query "SecurityGroups[].[GroupId, GroupName]" --output text)
# The text output is tab separated; "read" puts the first field in sgid and
# the rest of the line (group names may contain spaces) in sgname.
while read -r sgid sgname; do
    [ -z "$sgid" ] && continue
    c=$(aws ec2 describe-network-interfaces --filters "Name=group-id,Values=$sgid" --query "length(NetworkInterfaces)" --output text)
    echo "$sgid,$c,$sgname"
done <<< "$sgs"
3. Unused_Security_Groups.sh
#!/bin/bash
# Lists every security group in the current region with the number of
# network interfaces it is attached to. Groups with a count of 0 are unused;
# to see only those, pipe the output through:  awk -F, '$2 == 0'
# Output is CSV: group_id,attached_eni_count,group_name
sgs=$(aws ec2 describe-security-groups --query "SecurityGroups[].[GroupId, GroupName]" --output text)
while read -r sgid sgname; do
    [ -z "$sgid" ] && continue
    c=$(aws ec2 describe-network-interfaces --filters "Name=group-id,Values=$sgid" --query "length(NetworkInterfaces)" --output text)
    echo "$sgid,$c,$sgname"
done <<< "$sgs"
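Scripts 2 and 3 tell you that a group is open or unused, but not which ports the open rule exposes, and they cost one API call per group. The following is an added example, not one of the scripts above: it post-processes the JSON that the same two CLI commands return (captured once with `--output json`), reports the attachment count and every internet-open inbound rule with its protocol and port range, and covers IPv6 (`::/0`) as well. The file names `sgs.json`/`enis.json` and the embedded sample data are constructed for the example; the field names match the real CLI output.

```python
"""Offline audit of security groups from captured AWS CLI JSON.

Assumes two files captured earlier with
    aws ec2 describe-security-groups    --output json > sgs.json
    aws ec2 describe-network-interfaces --output json > enis.json
A constructed sample of both documents is embedded below so the script also
runs without AWS access."""
import json

# Source ranges that mean "any host on the internet" (IPv4 and IPv6)
ANYWHERE = {"0.0.0.0/0", "::/0"}

# Constructed sample of describe-security-groups output (three groups).
SAMPLE_SGS = json.loads("""{ "SecurityGroups": [
  {"GroupId": "sg-0a1", "GroupName": "web", "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
     {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
      "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-0b2", "GroupName": "internal db", "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
      "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-0c3", "GroupName": "legacy", "IpPermissions": [
     {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]}
]}""")

# Constructed sample of describe-network-interfaces output (two ENIs).
SAMPLE_ENIS = json.loads("""{ "NetworkInterfaces": [
  {"NetworkInterfaceId": "eni-1", "Groups": [{"GroupId": "sg-0a1", "GroupName": "web"}]},
  {"NetworkInterfaceId": "eni-2", "Groups": [{"GroupId": "sg-0a1", "GroupName": "web"},
                                             {"GroupId": "sg-0b2", "GroupName": "internal db"}]}
]}""")


def open_ingress_rules(sg):
    """Return (protocol, from_port, to_port, cidr) for every inbound rule of one
    group whose source is the whole internet.  For IpProtocol "-1" (all traffic)
    the CLI omits FromPort/ToPort, so they come back as None."""
    found = []
    for perm in sg.get("IpPermissions", []):
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            if cidr in ANYWHERE:
                found.append((perm.get("IpProtocol"), perm.get("FromPort"),
                              perm.get("ToPort"), cidr))
    return found


def attachment_counts(enis):
    """Map GroupId -> number of network interfaces that carry the group."""
    counts = {}
    for eni in enis.get("NetworkInterfaces", []):
        for group in eni.get("Groups", []):
            counts[group["GroupId"]] = counts.get(group["GroupId"], 0) + 1
    return counts


def audit(sgs, enis):
    """One record per group: attachment count plus its internet-open rules.
    Open rules with Attached > 0 are live exposure; with Attached == 0 the
    group is unused and can simply be deleted."""
    counts = attachment_counts(enis)
    return [{"GroupId": sg["GroupId"], "GroupName": sg["GroupName"],
             "Attached": counts.get(sg["GroupId"], 0),
             "OpenIngress": open_ingress_rules(sg)}
            for sg in sgs.get("SecurityGroups", [])]


def to_csv_lines(report):
    """Same CSV shape as the scripts above, plus one column listing the open
    rules as proto:from-to@cidr (proto:all@cidr for all-traffic rules)."""
    lines = []
    for rec in report:
        rules = ";".join(f"{p}:{lo}-{hi}@{c}" if lo is not None else f"{p}:all@{c}"
                         for p, lo, hi, c in rec["OpenIngress"])
        lines.append(f'{rec["GroupId"]},{rec["Attached"]},{rec["GroupName"]},{rules}')
    return lines


if __name__ == "__main__":
    import sys
    if len(sys.argv) == 3:   # real captures: python3 sg_audit.py sgs.json enis.json
        with open(sys.argv[1]) as f, open(sys.argv[2]) as g:
            sgs, enis = json.load(f), json.load(g)
    else:                    # no arguments: run on the constructed sample
        sgs, enis = SAMPLE_SGS, SAMPLE_ENIS
    print("\n".join(to_csv_lines(audit(sgs, enis))))
```

Run without arguments to see the sample report; with the two captured files as arguments it audits the real account. Because both API calls are made once up front, the result is identical across regions and does not depend on the per-group lookup in the shell scripts, and the extra column makes an all-traffic rule (`-1:all@0.0.0.0/0`) stand out from a single open port.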
Hope this will help you!
Please Remember me in your prayers!
Enjoy