Generate IAM actions list from AWS Access Advisor reports.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for fer1035 from gravatar.com fer1035

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: GNU General Public License v2 (GPLv2) (GPL-2.0-only)

Author: Ahmad Ferdaus Abd Razak

Tags AWS, Access, Advisor

Requires: Python >=3.6, <4.0

Classifiers

Project description

Overview

Generate IAM actions list from AWS Access Advisor reports.

Prerequisites

  • Python >= 3.6

  • aws_ssooidc >= 2021.1.1.1 (installed as a dependency)

  • boto3 >= 1.17.78 (installed as a dependency)

Required Arguments

  • AWS account ID

  • AWS entity ARN (role, user, etc. to use for report generation)

  • AWS SSO Permission Set name for login purposes

  • AWS SSO login URL

Usage

Installation:

pip3 install aws_access_advisor
# or
python3 -m pip install aws_access_advisor

In Python3:

import <file_name_without_.py>
auth = <file_name_without_.py>.login("<account_id>", "<sso_url>", "<admin_role_name>")
report = <file_nafile_name_without_.pyme>.get_report(
   "<entity_role_arn>",
   auth["roleCredentials"]["accessKeyId"],
   auth["roleCredentials"]["secretAccessKey"],
   auth["roleCredentials"]["sessionToken"]
)
print(
   f'Job status: {report["JobStatus"]} after {report["processing_time"]} second(s).'
)
for obj in report["ServicesLastAccessed"]:
   if "LastAuthenticatedEntity" in obj:
      try:
            for obj_in in obj["TrackedActionsLastAccessed"]:
               if "LastAccessedEntity" in obj_in:
                  print(f'"{obj["ServiceNamespace"]}:{obj_in["ActionName"]}",')
      except Exception as e:
            print(f'"{obj["ServiceNamespace"]}:*",')

In BASH:

python <file_name_with_.py> \
-a <account_id> \
-e <entity_role_arn> \
-r <admin_role_name> \  # [OPTIONAL]
-u <sso_url> \  # [OPTIONAL]
> <output_path>

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for fer1035 from gravatar.com fer1035

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: GNU General Public License v2 (GPLv2) (GPL-2.0-only)

Author: Ahmad Ferdaus Abd Razak

Tags AWS, Access, Advisor

Requires: Python >=3.6, <4.0

Classifiers

Release history Release notifications | RSS feed

2024.1.0.0

2022.10.2.1

2022.10.2.0

2022.10.1.9

2022.10.1.8

2022.10.1.7

2022.10.1.6

2022.10.1.5

2022.10.1.4

2022.10.1.3

2022.10.1.2

This version

2022.10.1.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

aws_access_advisor-2022.10.1.1.tar.gz (3.1 kB view hashes)

Uploaded Source

Built Distribution

aws_access_advisor-2022.10.1.1-py3-none-any.whl (3.4 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page