Crawl through active AWS accounts in an organization using master assumed role.
Project description
Overview
Crawl through active AWS accounts in an organization using master assumed role.
Usage
Installation:
pip3 install aws_crawler
python3 -m pip install aws_crawler
Example:
"""Get caller identity from the STS service."""
import sys
import boto3
from botocore import exceptions
import aws_crawler
# Get arguments.
access_key = sys.argv[1]
secret_key = sys.argv[2]
session_token = sys.argv[3]
thread_num = 10
role_name = 'AWSViewOnlyAccess'
region_name = 'us-east-1'
# Get account list.
accounts = aws_crawler.list_accounts(
access_key,
secret_key,
session_token,
region_name
)
account_ids = [account['Id'] for account in accounts]
# Crawl through each account.
for account_id in account_ids:
print(f"Working on {account_id}...")
try:
credentials = aws_crawler.get_credentials(
access_key,
secret_key,
session_token,
region_name,
f'arn:aws:iam::{account_id}:role/{role_name}'
)
client = boto3.client(
'sts',
aws_access_key_id=credentials['aws_access_key_id'],
aws_secret_access_key=credentials['aws_secret_access_key'],
aws_session_token=credentials['aws_session_token'],
region_name=credentials['region_name']
)
response = client.get_caller_identity()['UserId']
except exceptions.ClientError as e:
response = 'Could not assume role'
print(response)
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
aws_crawler-1.0.0.tar.gz
(2.4 kB
view hashes)
Built Distribution
Close
Hashes for aws_crawler-1.0.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | c462e2e2c8a9d4e3f784ca92ba4137ce906cd13cdf345296b0edf1e7925ed17a |
|
MD5 | 29aaa1ac363b988f129d77fde42df28b |
|
BLAKE2b-256 | e539f08b595483c3243676f994c65457a98847685a0b24d7986cee16f8775d61 |