Generate IAM actions list from AWS Access Advisor reports.
Project description
Overview
Generate IAM actions list from AWS Access Advisor reports.
Prerequisites
Python >= 3.6
`aws-ssooidc <https://pypi.org/project/aws-ssooidc/>`_ >= 2021.1.1.1
`boto3 <https://pypi.org/project/boto3/>`_ >= 1.17.78
Required Arguments
AWS entity ARN (role, user, etc. to use for report generation)
Optional Arguments
If authenticating with named profiles:
AWSCLI profile name
If authenticating with IAM acccess key credentials:
AWS access key id
AWS secret access key
If authenticating with SSO:
AWS account ID
AWS SSO Permission Set (role) name
AWS SSO login URL
Usage
Installation:
pip3 install aws-access-advisor
# or
python3 -m pip install aws-access-advisor
In Python3 authenticating with named profiles:
import aws_access_advisor as access
report = access.get_report(
<entity_arn>,
profile_name=<profile_name>,
)
print(
f'Job status: {report["JobStatus"]} after {report["processing_time"]} second(s).'
)
print("\n".join(parse(report)))
In Python3 authenticating with IAM access key credentials:
import aws_access_advisor as access
report = access.get_report(
<entity_arn>,
access_key_id=<access_key_id>,
secret_access_key=<secret_access_key>,
)
print(
f'Job status: {report["JobStatus"]} after {report["processing_time"]} second(s).'
)
print("\n".join(parse(report)))
In Python3 authenticating with SSO:
import aws_access_advisor as access
report = access.get_report(
<entity_arn>,
sso_url=<sso_url>,
sso_role_name=<sso_role_name>,
sso_account_id=<sso_account_id>,
)
print(
f'Job status: {report["JobStatus"]} after {report["processing_time"]} second(s).'
)
print("\n".join(parse(report)))
In BASH authenticating with named profiles:
python aws_access_advisor \
-e <entity_arn> \
-p <profile_name>
In BASH authenticating with IAM access key credentials:
python aws_access_advisor \
-e <entity_arn> \
-k <access_key_id> \
-s <secret_access_key>
In BASH authenticating with SSO:
python aws_access_advisor \
-e <entity_arn> \
-a <sso_account_id> \
-r <sso_role_name> \
-u <sso_url>
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for aws_access_advisor-2022.10.1.5.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 199c4e298f36c4761bffe279d102407097ffc351ed9352650f496436164fc64e |
|
MD5 | aa2f7c692882c25e976b5012444a0619 |
|
BLAKE2b-256 | 6a8b6f35844676c600244829fbc7e0ce01fefd5220f1f7de1bc19ee40fa7d509 |
Hashes for aws_access_advisor-2022.10.1.5-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | fbac49fd6786c73e71b3c838aebf85acf0281b5b32cc144697f757ef47920ef2 |
|
MD5 | 08810fc27dafe1335b4df59c0f28a33c |
|
BLAKE2b-256 | d79bf66a18e8d39fa5c2303676f0d03c9e440bf6f7e30bca80c8f359f7d5161c |