Generate IAM actions list from AWS Access Advisor reports.
Project description
Overview
Generate IAM actions list from AWS Access Advisor reports.
Prerequisites
Python >= 3.6
`aws-ssooidc <https://pypi.org/project/aws-ssooidc/>`_ >= 2021.1.1.1
`boto3 <https://pypi.org/project/boto3/>`_ >= 1.17.78
Required Arguments
AWS entity ARN (role, user, etc. to use for report generation)
Optional Arguments
If authenticating with named profiles: - AWSCLI profile name
Of authenticating with IAM acccess key credentials: - AWS access key id - AWS secret access key
If authenticating with SSO: - AWS account ID - AWS SSO Permission Set (role) name - AWS SSO login URL
Usage
Installation:
pip3 install aws-access-advisor
# or
python3 -m pip install aws-access-advisor
In Python3 authenticating with named profiles:
import aws_access_advisor as access
report = access.get_report(
<entity_arn>,
profile_name=<profile_name>,
)
print(
f'Job status: {report["JobStatus"]} after {report["processing_time"]} second(s).'
)
print("\n".join(parse(report)))
In Python3 authenticating with IAM access key credentials:
import aws_access_advisor as access
report = access.get_report(
<entity_arn>,
access_key_id=<access_key_id>,
secret_access_key=<secret_access_key>,
)
print(
f'Job status: {report["JobStatus"]} after {report["processing_time"]} second(s).'
)
print("\n".join(parse(report)))
In Python3 authenticating with SSO:
import aws_access_advisor as access
report = access.get_report(
<entity_arn>,
sso_url=<sso_url>,
sso_role_name=<sso_role_name>,
sso_account_id=<sso_account_id>,
)
print(
f'Job status: {report["JobStatus"]} after {report["processing_time"]} second(s).'
)
print("\n".join(parse(report)))
In BASH authenticating with named profiles:
python aws_access_advisor \
-e <entity_arn> \
-p <profile_name>
In BASH authenticating with IAM access key credentials:
python aws_access_advisor \
-e <entity_arn> \
-k <access_key_id> \
-s <secret_access_key>
In BASH authenticating with SSO:
python aws_access_advisor \
-e <entity_arn> \
-a <sso_account_id> \
-r <sso_role_name> \
-u <sso_url>
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for aws_access_advisor-2022.10.1.4.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6849e5c55afc8a1ed3126dd5cbd40f60c62cfd67cc689310d797f6677e77ff31 |
|
MD5 | 9779a36f2bcbe181b8407c73427fd641 |
|
BLAKE2b-256 | 446383680ea85e0b6d40d67b2f553eadd208e7943d7ffee6710f518c77c0a440 |
Hashes for aws_access_advisor-2022.10.1.4-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 0b32629f0ddd37b5093e03488d1e9db050cca0499e977d6379b0754fc93e2726 |
|
MD5 | 77845545ef3b9186f47ed863dd1ff995 |
|
BLAKE2b-256 | c2c089f4b5f6402c545b1cf0c5c252af85221ec1d1f8bc49a35e51fa6d76325c |