-
Notifications
You must be signed in to change notification settings - Fork 64
Home
This is a very simple version of my inventory script. It should help some hackers trying (like me) to understand how AWS environments work, and to check what resources you have used end created. AWS Config does the same but is $#!* expensive.
I will try to improve my script from times to times, to add more services, and may be to add features to inject results in some tools (to be defined).
First inspired from https://github.com/powerupcloud/AWSInventoryLambda but not forked because it has been too much modified. Then rewritten from scratch to be more pythonified.
If you can use aws-inventory with services that are not tested yet (for budget reasons ;), you're help will be much appreciated! Contact me if you can test expensive services (by sending reports & bugs).
The first version was a quick and dirty try, in order to understand how to get all kind of information about AWS resources with AWS Python SDK.
This will be is an improved version, with results interpretation and a file containing all inventory information (a json file).
It's a complete rebuild of the script.
This code is not designed to be invulnerable.
Take care when using cost explorer; even if all functions are read only (in AWS IAM), cost explorer is not free.
The policies included here are useful to call all needed services. Now, the services are calculated with the policies in the JSON files, so it should be as minimal as possible.
You need first to run create_policy_files.py
to have a single policy file to add to the user you'll use to run the inventory script. The file will (by default) be located in the output_policies
folder.