A TypeScript/NestJS API for monitoring cloud security events from AWS CloudTrail.
Features
- Security Event Collection: Pulls AWS CloudTrail events into PostgreSQL
- REST API: Query stored events with filtering and pagination
- JWT Authentication: Secure access to all endpoints
- Scheduled Jobs: Automatic event collection every 10 minutes
- TypeORM Integration: Robust database operations with migrations
Endpoints
GET /aws-security/fetch-events- Pull recent CloudTrail eventsGET /aws-security/events- Fetch events directly from AWSGET /aws-security/db-events- Query stored events with filtersPOST /cloudtrail/test- Test event processingPOST /auth/dev-token- Generate JWT token
Quick Start
# Get a token
TOKEN=$(curl -s -X POST http://localhost:3000/auth/dev-token | jq -r .access_token)
# Pull events
curl -H "Authorization: Bearer $TOKEN" http://localhost:3000/aws-security/fetch-eventsInstallation
git clone https://github.com/stuartasiimwe7/cloud-security-monitoring-api.git
cd cloud-security-monitoring-api
npm install
npm run start:devDocumentation
See README.md for complete setup and usage instructions.
What's Changed
- github worflows - ci/cd and docker by @stuartasiimwe7 in #1
New Contributors
- @stuartasiimwe7 made their first contribution in #1
Full Changelog: https://github.com/stuartasiimwe7/Cloud-Security-Monitoring-API/commits/v1.0
Contributors
stuartasiimwe7