workstreet-compliance/cloud-collector

Cloud compliance evidence collectors for AWS, GCP and Azure

0 stars · 0 forks · Updated Jan 22, 2026
npx skills add workstreet-compliance/cloud-collector

README

Cloud Collector

Automated compliance evidence collection for AWS, GCP, and Azure


Generate audit-ready evidence packages with automatic mapping to SOC 2, ISO 27001, NIST 800-53, and CIS benchmarks. Outputs structured JSON for GRC tools and formatted Markdown for auditor review.

Installation

Via skills.sh

npx skills add Workstreet-Compliance/Cloud-Collector

Via pip

git clone https://github.com/Workstreet-Compliance/Cloud-Collector.git
cd Cloud-Collector
pip install -r requirements.txt

Quick Start

Using with Claude Code

Just ask naturally:

"Collect SOC 2 evidence from my AWS account"

"Generate ISO 27001 audit documentation for GCP project xyz"

"Check my Azure subscription for NIST 800-53 compliance"

Programmatic Usage

from skills.evidence_collector.scripts.aws_evidence import AWSEvidenceCollector
from skills.evidence_collector.scripts.output_formatter import EvidenceFormatter

# Collect evidence
collector = AWSEvidenceCollector()
package = collector.collect_all()

# Export
EvidenceFormatter.save(package, "./evidence_output")  # JSON + Markdown

GCP Example

from skills.evidence_collector.scripts.gcp_evidence import GCPEvidenceCollector

collector = GCPEvidenceCollector(project_id="my-project-id")
package = collector.collect_all()

Azure Example

from skills.evidence_collector.scripts.azure_evidence import AzureEvidenceCollector

collector = AzureEvidenceCollector(subscription_id="your-subscription-id")
package = collector.collect_all()

Evidence Categories

| Category | AWS | GCP | Azure |
|----------|-----|-----|-------|
| IAM | Users, roles, policies, MFA | IAM bindings, service accounts | RBAC, custom roles |
| Logging | CloudTrail | Audit logs, sinks | Activity logs, diagnostics |
| Storage | S3 policies, encryption | GCS IAM, public access | Storage account security |
| Security | Security Hub findings | Security Command Center | Defender for Cloud |
| Encryption | KMS keys, rotation | Cloud KMS key rings | Key Vault config |
| Network | VPC, security groups, NACLs | Firewall rules, VPC | NSGs, VNets |

Frameworks

  • SOC 2, Type II: CC6.x, CC7.x
  • ISO 27001, 2022: Annex A
  • NIST, 800-53 Rev. 5: AC, AU, SC
  • CIS, Benchmarks v2.0: AWS, GCP, Azure

See references/control_mappings.md for complete mapping details.


Prerequisites

AWS Credentials

# Option 1: AWS CLI
aws configure

# Option 2: Environment variables
export AWS_ACCESS_KEY_ID=xxx
export AWS_SECRET_ACCESS_KEY=xxx

Required permissions:

  • iam:Get*, iam:List*
  • cloudtrail:Describe*, cloudtrail:Get*
  • s3:GetBucket*, s3:ListBucket
  • securityhub:Get*
  • kms:Describe*, kms:List*
  • ec2:Describe*
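
One way to check least privilege for the collector's AWS identity, as an added example that is not part of the Cloud Collector project: it compares an IAM identity policy against the action patterns listed above and reports anything broader. The function names and the sample policy are assumptions constructed for illustration.

```python
import fnmatch

# Action patterns copied from the "Required permissions" list above.
REQUIRED = [
    "iam:Get*", "iam:List*",
    "cloudtrail:Describe*", "cloudtrail:Get*",
    "s3:GetBucket*", "s3:ListBucket",
    "securityhub:Get*",
    "kms:Describe*", "kms:List*",
    "ec2:Describe*",
]

def _as_list(value):
    """IAM accepts a single string or object where a list is expected."""
    return value if isinstance(value, list) else [value]

def covered(action):
    """True if `action` stays inside one REQUIRED pattern.

    The policy's action is matched as a literal string, so a broader
    wildcard such as "iam:*" is not covered by "iam:Get*".
    """
    # IAM action names are case-insensitive, hence lower().
    return any(fnmatch.fnmatchcase(action.lower(), r.lower()) for r in REQUIRED)

def excess_actions(policy):
    """List what an identity policy allows beyond the README's set."""
    extra = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:  # allows everything except the listed actions
            extra.append("NotAction")
            continue
        extra += [a for a in _as_list(stmt.get("Action", [])) if not covered(a)]
    return extra

# Constructed sample: a collector role that drifted beyond read-only metadata.
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["iam:GetRole", "ec2:DescribeInstances", "s3:GetObject", "iam:*"]},
    {"Effect": "Allow", "Resource": "*", "Action": "kms:Decrypt"},
    {"Effect": "Deny", "Resource": "*", "Action": "iam:CreateUser"},
]}

if __name__ == "__main__":
    print(excess_actions(SAMPLE_POLICY))
```

Object reads (`s3:GetObject`) and key use (`kms:Decrypt`) are flagged because the listed permissions cover bucket and key metadata only.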

GCP Credentials

# Option 1: Application Default Credentials
gcloud auth application-default login

# Option 2: Service account
export GOOGLE_APPLICATION_CREDENTIALS=/path/to/key.json

Required roles:

  • roles/iam.securityReviewer
  • roles/logging.viewer
  • roles/storage.objectViewer
  • roles/securitycenter.findingsViewer
  • roles/cloudkms.viewer
  • roles/compute.viewer

Azure Credentials

# Option 1: Azure CLI
az login

# Option 2: Service prin

...

Statistics

Stars: 0
Forks: 0
Open Issues: 0
Created: Jan 22, 2026