Tool to generate an inventory of all IP addresses in use in an account, one or multiple VPC, or one or multiple subnet.
Project description
AWS IP inventory
Tool to generate an inventory of all IP addresses in use in an account, one or multiple VPC, or one or multiple subnet.
Features:
- Detects the object type that uses the interface (EC2, RDS, etc.); not always possible because this guess is done using some magic from the interface description.
- Filter by region, VPC and/or subnet
- Guess a friendly name of the object (EC2 Name tag, for example)
- Gets project and environment tags
- Multiple output formats
- Links to AWS web console for services/objects
Output formats:
- Console table
- HTML
- JSON
- YAML
- CSV
Supported services:
- EC2 instances
- ElastiCache (partially)
- ELB/ALB (ELBv2)
- RDS
- ECS tasks
- NAT Gateways
- EFS mount targets
- Directories
- Workspaces
- Lambda
- CodeBuild (only service, not object)
- API Gateway VPC link
- VPC endpoints
- Route53 Resolver
- Transit Gateway
- RDS Proxy
Internally, the script gets the list of network interfaces, and tries to guess to what service and object the interface is attached to; this is not always possible, because there is no a direct property to know it, and this must be guessed using regexs and string comparison using the interface description or the requester property.
Keep in mind that some network interfaces are ephemeral, i.e. they live only for a short period of time, like the ones used in Lambda, ECS tasks, etc. Others have a longer life, like the ones used in "static" EC2 instances.
Installation
Using pipx:
pipx install awsipinventory
Cloning the repository, using Poetry:
git clone https://github.com/okelet/awsipinventory
cd awsipinventory
poetry install
Usage
Remember to add ~/.local/bin to your path if not already done:
export PATH=${PATH}:${HOME}/.local/bin
usage: awsipinventory [-h] [-l {DEBUG,INFO,WARNING,ERROR,CRITICAL}]
[-f {none,table,html,json,yaml,yml,csv}] [-o OUTPUT]
[--regions [REGIONS [REGIONS ...]]]
[--vpcs [VPCS [VPCS ...]]]
[--subnets [SUBNETS [SUBNETS ...]]]
[--columns [COLUMNS [COLUMNS ...]]]
optional arguments:
-h, --help show this help message and exit
-l {DEBUG,INFO,WARNING,ERROR,CRITICAL}, --log-level {DEBUG,INFO,WARNING,ERROR,CRITICAL}
Set the logging level
-f {none,table,html,json,yaml,yml,csv}, --format {none,table,html,json,yaml,yml,csv}
Output format
-o OUTPUT, --output OUTPUT
Output file; defaults to standard output
--regions [REGIONS [REGIONS ...]]
Use "all" to get data from all enabled regions
--vpcs [VPCS [VPCS ...]]
Restrict results to specific VPCs (must exist in the
account and regions)
--subnets [SUBNETS [SUBNETS ...]]
Restrict results to specific subnets (must exist in
the account, VPCs and regions)
Running from an standard Linux:
awsipinventory --format html --output /tmp/inventory.html && firefox /tmp/inventory.html
Running from WSL:
ln -s /mnt/c/Program\ Files/Mozilla\ Firefox/firefox.exe ~/.local/bin/firefox
awsipinventory --format html --output /tmp/inventory.html && firefox $(wslpath -w /tmp/inventory.html)
From local development environment or cloned repository:
poetry run python -m awsipinventory
Output examples
Console table:
+-----------------------+----------+--------------------------+--------------------+--------------------+-------------------+-------------+--------------------------------------+------------------------------+---------+-------------+
| VPC ID | VPC name | Subnet ID | Subnet name | Private IP address | Public IP address | Type | ID | Name | Project | Environment |
+-----------------------+----------+--------------------------+--------------------+--------------------+-------------------+-------------+--------------------------------------+------------------------------+---------+-------------+
| vpc-xxxxxxxx | xxx | subnet-xxxxxxxx | xxxxxxxxx | 10.xxx.x.xxx | 52.xx.xxx.xxx | ec2 | i-xxxxxxxx | xxxxxxxxxxxxxxx | xxxxx | PRO |
| vpc-xxxxxxxx | xxx | subnet-xxxxxxxx | xxxxxxxxx | 10.xxx.x.xxx | 52.0.xxx.xxx | ec2 | i-xxxxxxxx | xxxxxxxxxxxxxxx | xxxxx | DEV |
| vpc-xxxxxxxx | xxx | subnet-xxxxxxxx | xxxxxxxxx | 10.xxx.x.xx | 54.xxx.xxx.xxx | workspace | ws-xxxxxxxxx | xxxxxxx | | |
| vpc-xxxxxxxx | xxx | subnet-xxxxxxxx | xxxxxxxxx | 10.xxx.x.xxx | 34.xxx.xxx.xxx | workspace | ws-xxxxxxxxx | xxxxxx | | |
| vpc-xxxxxxxx | xxx | subnet-xxxxxxxx | xxxxxxxxx | 10.xxx.x.xxx | | directory | d-xxxxxxxxxx | xxxxx | | |
| vpc-xxxxxxxx | xxx | subnet-xxxxxxxx | xxxxxxxxx | 10.xxx.x.xxx | | rds | xxxxxxxxxxxxxxx | | xxx | PRE/DEV |
| vpc-xxxxxxxx | xxx | subnet-xxxxxxxx | xxxxxxxxx | 10.xxx.x.xxx | | directory | d-xxxxxxxxxx | xxxxx | | |
| vpc-xxxxxxxx | xxx | subnet-xxxxxxxx | xxxxxxxxx | 10.xxx.x.xx | 23.xx.xxx.xxx | nat_gateway | nat-xxxxxxxxxxxxxxx | xxxxx | | |
| vpc-xxxxxxxx | xxx | subnet-xxxxxxxx | xxxxxxxxx | 10.xxx.x.xxx | | rds | xxxxxxxxxxxxxxx | | | |
| vpc-xxxxxxxx | xxx | subnet-xxxxxxxx | xxxxxxxxx | 10.xxx.x.xxx | | rds | xxxxxxxxxxxxxxx | | xxx | PRO |
| vpc-xxxxxxxx | xxx | subnet-xxxxxxxx | xxxxxxxxx | 10.xxx.x.xxx | | dms | | | | |
JSON:
[
{
"region": "us-east-1",
"interface_id": "eni-xxxxxxxxxxxxxxxxx",
"interface_type": "interface",
"interface_description": "Primary network interface",
"interface_requested_id": null,
"interface_status": "in-use",
"vpc_id": "vpc-xxxxxxxx",
"vpc_name": "xxx",
"vpc_link": "https://console.aws.amazon.com/vpc/home?region=us-east-1#vpcs:VpcId=vpc-xxxxxxxx;sort=VpcId",
"subnet_id": "subnet-xxxxxxxx",
"subnet_name": "XXXXXX",
"subnet_link": "https://console.aws.amazon.com/vpc/home?region=us-east-1#subnets:SubnetId=subnet-xxxxxxxx;sort=SubnetId",
"private_ip_address": "10.xxx.x.xx",
"public_ip_address": "52.xx.xxx.xx",
"object_type": "ec2",
"object_id": "i-xxxxxxxxxxxxxxxxx",
"object_name": "XXXXXXX",
"object_tag_project": null,
"object_tag_environment": "PRO",
"object_description": null,
"object_console_url": "https://console.aws.amazon.com/ec2/v2/home?region=us-east-1#Instances:search=i-xxxxxxxxxxxxxxxxx;sort=instanceId",
"object_service_url": "https://console.aws.amazon.com/ec2/v2/home?region=us-east-1#Instances:"
}
]
HTML:
Testing package deployment
Set credential environment variables manually, or using another tool, like AWSume; then test the application using Docker directly:
docker build -t awsipinventory:latest .
awsume xxx
docker run -it --rm -e AWS_DEFAULT_REGION -e AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN awsipinventory:latest --log-level debug -f json
Or using docker-compose:
awsume xxx
docker-compose up --build --force-recreate
docker-compose rm -fs
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
awsipinventory-0.6.3.tar.gz
(15.5 kB
view details)
Built Distribution
File details
Details for the file awsipinventory-0.6.3.tar.gz.
File metadata
- Download URL: awsipinventory-0.6.3.tar.gz
- Upload date:
- Size: 15.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.1.13 CPython/3.10.4 Linux/5.13.0-1021-azure
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | d5f4ab2149a46c1b3508a9923dd1068e13cfd3b7e5b552dcc1fdfd25bb1b743d |
|
| MD5 | d0bb4210aaf9c9b202f03c445b6bba6e |
|
| BLAKE2b-256 | 82401a8ca41c989c236a291ec5034c524423bc92ff7ac060549f2d7104f9b282 |
File details
Details for the file awsipinventory-0.6.3-py3-none-any.whl.
File metadata
- Download URL: awsipinventory-0.6.3-py3-none-any.whl
- Upload date:
- Size: 13.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.1.13 CPython/3.10.4 Linux/5.13.0-1021-azure
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | ca1ebb74d0174a2e6f285ec6990d93a80743d9c6af1a684157ad21f82282b3ca |
|
| MD5 | 4a4ab3b321dc9e7cc78d100746936385 |
|
| BLAKE2b-256 | 05268619aee069d0f2d5f537a4ff23243b3f1f848f41d3cf2f66859b188178c6 |
