Generate IAM actions list from AWS Access Advisor reports.
Project description
Overview
Generate IAM actions list from AWS Access Advisor reports.
Prerequisites
Python >= 3.6
aws_ssooidc >= 2021.1.1.1 (installed as a dependency)
boto3 >= 1.17.78 (installed as a dependency)
Required Arguments
AWS account ID
AWS entity ARN (role, user, etc. to use for report generation)
AWS SSO Permission Set name for login purposes
AWS SSO login URL
Usage
Installation:
pip3 install aws_access_advisor
# or
python3 -m pip install aws_access_advisorIn Python3:
import <file_name_without_.py>
auth = <file_name_without_.py>.login("<account_id>", "<sso_url>", "<admin_role_name>")
report = <file_nafile_name_without_.pyme>.get_report(
"<entity_role_arn>",
auth["roleCredentials"]["accessKeyId"],
auth["roleCredentials"]["secretAccessKey"],
auth["roleCredentials"]["sessionToken"]
)
print(
f'Job status: {report["JobStatus"]} after {report["processing_time"]} second(s).'
)
for obj in report["ServicesLastAccessed"]:
if "LastAuthenticatedEntity" in obj:
try:
for obj_in in obj["TrackedActionsLastAccessed"]:
if "LastAccessedEntity" in obj_in:
print(f'"{obj["ServiceNamespace"]}:{obj_in["ActionName"]}",')
except Exception as e:
print(f'"{obj["ServiceNamespace"]}:*",')In BASH:
python <file_name_with_.py> \
-a <account_id> \
-e <entity_role_arn> \
-r <admin_role_name> \ # [OPTIONAL]
-u <sso_url> \ # [OPTIONAL]
> <output_path>Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file aws_access_advisor-2022.10.1.1.tar.gz.
File metadata
- Download URL: aws_access_advisor-2022.10.1.1.tar.gz
- Upload date:
- Size: 3.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.2.2 CPython/3.10.7 Linux/5.15.0-1020-azure
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e76ecbcac710a940396d110a6d8f3f23ce8844677ecf1032bba05d0fe31efc54
|
|
| MD5 |
588f0f4557ad727786d3c7ce590b4646
|
|
| BLAKE2b-256 |
3e290fd5872c9762354c265842b26d7d05811447c1a422c196d1ca4698d40a33
|
File details
Details for the file aws_access_advisor-2022.10.1.1-py3-none-any.whl.
File metadata
- Download URL: aws_access_advisor-2022.10.1.1-py3-none-any.whl
- Upload date:
- Size: 3.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.2.2 CPython/3.10.7 Linux/5.15.0-1020-azure
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
543316c47adbeda0c16245a1a13e4b07f8de8365085c357bbf9ac94816eaa83c
|
|
| MD5 |
e674725c891641d61bbebaceba2a9fe8
|
|
| BLAKE2b-256 |
cf51679111ec49ac2824da78fa0e5a47b62e11e2b5944f2185280c56969bf63e
|
