Skip to content

A Python package which wanders across your AWS account and records your resources in a variety of Storage Connectors

License

Notifications You must be signed in to change notification settings

CloudWanderer-io/CloudWanderer

Repository files navigation

https://user-images.githubusercontent.com/803607/101322139-7111b800-385e-11eb-9277-c6bf3a580987.png

PyPI GitHub Workflow Status (branch) Documentation Status

A Python package which allows you to enumerate and store your AWS Resources in AWS Neptune (or Gremlin for local execution) in order to be able to ask questions like:

  1. What EC2 instances do I have that are in Public Subnets that have roles and are accessible from the internet?
  2. How old are my IAM users access keys?
  3. What lambda functions do I have that are connected to VPCs that have access to the internet via a NAT gateway?
  4. How many untagged VPCs do I have across all regions?

What does it do?

YouTube video demonstrating how to query public ec2 instances with CloudWander and OpenCypher.

Watch the above YouTube video to see an example of what you can do with CloudWanderer.

Installation

pip install cloudwanderer

Local Quickstart

Spin up a local Gremlin Graph Database server and a Jupyter Notebook.

$ git clone https://github.com/CloudWanderer-io/docker-graph-notebook.git
$ cd docker-graph-notebook
$ docker-compose up

Look in the output for something that looks like:

jupyter-notebook_1  |     Or copy and paste one of these URLs:
jupyter-notebook_1  |         http://localhost:8888/?token=88dc054886e3ea73480de91066937a33c9bc8bd484eb395c

Open the URL in question in a tab in your browser.

Open up Python in your preferred IDE and import and initialise CloudWanderer

>>> import logging
>>> from cloudwanderer import CloudWanderer
>>> from cloudwanderer.storage_connectors import GremlinStorageConnector
>>> storage_connector = GremlinStorageConnector(
...     endpoint_url="ws://localhost:8182"
... )
>>> wanderer = CloudWanderer(storage_connectors=[storage_connector])
>>> logging.basicConfig(level='INFO')

Get all the resources from your AWS account and save them to your local Gremlin graph database.

>>> wanderer.write_resources()

Go to the Jupyter Notebook link you opened earlier and, create a new notebook by hitting 'new' on the top right, and type the following into a new cell to get a list of VPCs.

%%gremlin
g.V().hasLabel('aws_ec2_vpc').out().path().by(valueMap(true))

Voila!

Example Query and graph output

You can learn more Gremlin (the language that's supported by the local setup here) by reading Kevin Lawrence's amazing book on Gremlin OR you can get stuck in to the much more straightforward OpenCypher language by following the Neptune Quickstart guide.

About

A Python package which wanders across your AWS account and records your resources in a variety of Storage Connectors

Topics

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

 
 
 

Languages