
My manager asked if it could run itself. Here's how I automated iam-audit with Fargate, EventBridge and Terraform (Part 3)
A few weeks ago my manager asked me a question that seemed simple: "Can it be scheduled to arrive on its own every week?"

The script was already scanning more than 20 AWS accounts. It was already detecting Access Keys from 2018 still active in production. It was already generating a dashboard that any CISO could read without opening a spreadsheet. Technically, the work was done.

But "the work was done" meant someone had to remember to run it. Someone had to have Docker installed, credentials configured, and free time on a Monday morning. On a security team with multiple open fronts, that "someone" is exactly the link that breaks.

Automation wasn't a cosmetic improvement. It was the step that turned a tool into a service.

The constraint that defines the architecture

The first decision wasn't technical — it was about constraints. The report needs to run once a week. It takes minutes. When it's done, there's nothing to keep alive. Paying for infrastructure that sits idle 99.9% of the time
Continue reading on Dev.to Python



