Generate IAM actions list from AWS Access Advisor reports.
Project description
Overview
Generate IAM actions list from AWS Access Advisor reports.
Prerequisites
Python >= 3.6
aws-ssooidc (https://pypi.org/project/aws-ssooidc/) >= 2021.1.1.1
boto3 (https://pypi.org/project/boto3/) >= 1.17.78
Required Arguments
AWS entity ARN (role, user, etc. to use for report generation)
Optional Arguments
If authenticating with named profiles:
AWSCLI profile name
If authenticating with IAM acccess key credentials:
AWS access key id
AWS secret access key
If authenticating with SSO:
AWS account ID
AWS SSO Permission Set (role) name
AWS SSO login URL
Usage
Installation:
pip3 install aws-access-advisor
# or
python3 -m pip install aws-access-advisorIn Python3 authenticating with named profiles:
import aws_access_advisor as access
report = access.get_report(
"<entity_arn>",
profile_name="<profile_name>",
)
print(
f'Job status: {report["JobStatus"]} after {report["processing_time"]} second(s).'
)
print("\n".join(access.parse(report)))In Python3 authenticating with IAM access key credentials:
import aws_access_advisor as access
report = access.get_report(
"<entity_arn>",
access_key_id="<access_key_id>",
secret_access_key="<secret_access_key>",
)
print(
f'Job status: {report["JobStatus"]} after {report["processing_time"]} second(s).'
)
print("\n".join(access.parse(report)))In Python3 authenticating with SSO:
import aws_access_advisor as access
report = access.get_report(
"<entity_arn>",
sso_url="<sso_url>",
sso_role_name="<sso_role_name>",
sso_account_id="<sso_account_id>",
)
print(
f'Job status: {report["JobStatus"]} after {report["processing_time"]} second(s).'
)
print("\n".join(access.parse(report)))In BASH authenticating with named profiles:
python [/path/to/module/]aws_access_advisor \
-e <entity_arn> \
-p <profile_name>In BASH authenticating with IAM access key credentials:
python [/path/to/module/]aws_access_advisor \
-e <entity_arn> \
-k <access_key_id> \
-s <secret_access_key>In BASH authenticating with SSO:
python [/path/to/module/]aws_access_advisor \
-e <entity_arn> \
-a <sso_account_id> \
-r <sso_role_name> \
-u <sso_url>Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file aws_access_advisor-2022.10.1.9.tar.gz.
File metadata
- Download URL: aws_access_advisor-2022.10.1.9.tar.gz
- Upload date:
- Size: 3.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.2.2 CPython/3.10.7 Linux/5.15.0-1020-azure
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d6da6c5f39d76cdfdcf028a02469e16e45bb0c29cd51cd6ba562f193e3f5b55e
|
|
| MD5 |
f93b5f608fd34ac8b9eb6bbe732bd0f9
|
|
| BLAKE2b-256 |
1667e08567f16ebef4e3e95d8d9254fe84445e2b38f2fa5a2b48624b0ca96f54
|
File details
Details for the file aws_access_advisor-2022.10.1.9-py3-none-any.whl.
File metadata
- Download URL: aws_access_advisor-2022.10.1.9-py3-none-any.whl
- Upload date:
- Size: 3.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.2.2 CPython/3.10.7 Linux/5.15.0-1020-azure
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b7b40265891ad5ddef6f1a3b4bfcdd8fbd56c074d2eecf3931ff2544cd8e4742
|
|
| MD5 |
78cc6730d7daf74f9bf8a9cb8de5a84c
|
|
| BLAKE2b-256 |
0ee0c3be2edcbe527593e325618d5f2675ae70bdb1470c21ded79ca30dc68967
|
