auditclaw-aws
AWS compliance evidence collection for auditclaw-grc. 15 read-only checks across S3, IAM, CloudTrail, VPC, KMS, EC2, RDS, Lambda, EBS, SQS, SNS, Secrets Manager, Config, GuardDuty, and Security Hub.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/mailnike/auditclaw-aws
AuditClaw AWS
Companion skill for auditclaw-grc. Collects compliance evidence from AWS accounts using read-only API calls.
15 checks | Read-only IAM policy | Evidence stored in shared GRC database
Security Model
- Read-only access: Custom IAM policy with 43 read-only API actions. No write/modify/delete permissions.
- Credentials: Uses standard AWS credential chain (aws configure, env vars, or IAM instance role). No credentials stored by this skill.
- Dependencies: boto3==1.34.46 (pinned)
- Data flow: Check results stored as evidence in ~/.openclaw/grc/compliance.sqlite via auditclaw-grc
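A pre-deployment check on the read-only claim above, as an added example (not code from auditclaw-aws): it scans an IAM policy document for Allow entries that are not plainly read-only. The Get/List/Describe prefix rule, the DATA_READS set and the sample policy are assumptions constructed for illustration; the skill's own 43-action policy is not shown on this page.

```python
import json

# Assumption: verb prefixes treated as read-only. IAM does not enforce naming,
# so anything outside this set is flagged for manual review, not declared a write.
READ_PREFIXES = ("get", "list", "describe")
# Read-style actions that return object contents or secrets rather than configuration.
DATA_READS = {"secretsmanager:getsecretvalue", "s3:getobject", "ssm:getparameter"}

def _as_list(value):
    """IAM accepts either a single string or a list for Action."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)

def audit_policy(policy):
    """Return (statement_index, action, reason) for each Allow entry needing review."""
    findings = []
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a lone statement may be a bare object
        statements = [statements]
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:  # Allow + NotAction grants everything not listed
            findings.append((i, "NotAction", "not-action"))
        for action in _as_list(stmt.get("Action")):
            service, _, verb = action.lower().partition(":")
            if "*" in action or "?" in action or not verb:
                findings.append((i, action, "wildcard"))  # expand before trusting
            elif f"{service}:{verb}" in DATA_READS:
                findings.append((i, action, "data-read"))
            elif not verb.startswith(READ_PREFIXES):
                findings.append((i, action, "non-read-verb"))
    return findings

# Constructed sample policy, not the policy shipped with the skill.
SAMPLE_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["s3:GetEncryptionConfiguration", "iam:ListUsers", "ec2:DescribeInstances"]},
    {"Effect": "Allow", "Resource": "*",
     "Action": ["s3:Get*", "secretsmanager:GetSecretValue", "iam:GenerateCredentialReport"]},
    {"Effect": "Allow", "Resource": "*", "Action": "s3:PutBucketPolicy"}
  ]
}""")

if __name__ == "__main__":
    for finding in audit_policy(SAMPLE_POLICY):
        print(finding)
```

A "non-read-verb" finding such as iam:GenerateCredentialReport is a prompt to look the action up, since the prefix rule cannot tell a report-generation call from a modification.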
Prerequisites
- AWS credentials configured (aws configure or IAM instance role)
- pip install -r scripts/requirements.txt
- auditclaw-grc skill installed and initialized
Commands
- "Run AWS evidence sweep": Run all checks, store results in GRC database
- "Check S3 encryption": Run S3-specific checks
- "Check IAM compliance": Run IAM-specific checks
- "Check CloudTrail status": Verify CloudTrail configuration
- "Check VPC security": Review VPC flow logs and security groups
- "Show AWS integration health": Last sync, errors, evidence count
Usage
All evidence is stored in the shared GRC database at ~/.openclaw/grc/compliance.sqlite via the auditclaw-grc skill's db_query.py script.
To run a full evidence sweep:
python3 scripts/aws_evidence.py --db-path ~/.openclaw/grc/compliance.sqlite --all
To run specific checks:
python3 scripts/aws_evidence.py --db-path ~/.openclaw/grc/compliance.sqlite --checks iam,s3,cloudtrail
Check Categories (15)
| Check | What It Verifies |
|---|---|
| iam | Password policy, MFA enforcement, access key rotation, unused credentials |
| s3 | Default encryption, public access blocks, versioning, access logging |
| cloudtrail | Trail enabled, multi-region, log validation, S3 delivery |
| vpc | Flow logs enabled, security group rules, NACL configuration |
| kms | Key rotation enabled, key policies, key usage |
| ec2 | IMDSv2 enforcement, EBS encryption, public IP exposure |
| rds | Storage encryption, automated backups, public accessibility |
| security_hub | Security Hub enabled, active findings by severity |
| guardduty | Detector enabled, active findings, threat intelligence |
| lambda | Runtime currency, public access, VPC attachment |
| cloudwatch | Log group retention policies, metric alarm coverage |
| config | Config recorder active, rule compliance status |
| eks_ecs | Container cluster encryption, logging, network policies |
| elb | HTTPS listeners, WAF association, access logging |
| credential_report | Full IAM credential report analysis |
Paste this into your clawhub.json to enable this plugin.
{
  "plugins": {
    "official-mailnike-auditclaw-aws": {
      "enabled": true,
      "auto_update": true
    }
  }
}