
AWS List Resources
An open source cloud security platform for discovering, prioritizing, and remediating risks in the cloud.
Utilizes the AWS Cloud Control API to Manage Resources
Utilizes the AWS Cloud Control API to list the resources available in a specific AWS account and region(s). The resources that are discovered are saved in a JSON output file.
Ensure that you have your AWS credentials configured for the target account.
You can accomplish this by using environment variables or by specifying a named profile through the optional --profile argument. Read-only IAM permissions are adequate for this task.
If you execute the script in specific regions, it is advisable to also include the us-east-1 region.
This ensures that resources from global AWS services are also captured.
Example invocations:
pip install -r requirements.txt
python aws_list_resources.py --regions us-east-1,eu-central-1
python aws_list_resources.py --regions ALL
python aws_list_resources.py --regions ALL --include-resource-types AWS::EC2::*,AWS::DynamoDB::* --exclude-resource-types AWS::EC2::DHCPOptions,AWS::EC2::VPCGatewayAttachment
Supported arguments:
--exclude-resource-types: This option prevents the listing of specified resource types, which should be provided as a comma-separated list (wildcards are supported).
--include-resource-types: This option allows you to list only the specified resource types, which should also be provided as a comma-separated list (wildcards are supported).
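
How the include/exclude wildcards and a paginated Cloud Control listing fit together, as an added example that is not the tool's own code. It assumes shell-style wildcard matching (fnmatch) with excludes applied after includes, and it runs against a constructed stub instead of boto3's cloudcontrol client; select_types, list_type, inventory and StubCloudControl are hypothetical names.

```python
import fnmatch

def select_types(all_types, include=None, exclude=None):
    """Keep types matching any include pattern (all if none), then drop exclude matches."""
    def matches(name, patterns):
        return any(fnmatch.fnmatchcase(name, p) for p in patterns)
    kept = [t for t in all_types if not include or matches(t, include)]
    return sorted(t for t in kept if not exclude or not matches(t, exclude))

def list_type(client, type_name):
    """Return every identifier of one resource type, following NextToken pagination."""
    identifiers, token = [], None
    while True:
        kwargs = {"TypeName": type_name}
        if token:
            kwargs["NextToken"] = token
        page = client.list_resources(**kwargs)
        identifiers += [d["Identifier"] for d in page.get("ResourceDescriptions", [])]
        token = page.get("NextToken")
        if not token:
            return identifiers

def inventory(client, type_names):
    """Map type -> identifiers. Types that fail to list are recorded, not dropped:
    each one is a blind spot in the inventory that a reviewer needs to see."""
    found, skipped = {}, {}
    for t in type_names:
        try:
            ids = list_type(client, t)
        except Exception as exc:  # with boto3 this would be botocore's ClientError
            skipped[t] = type(exc).__name__
            continue
        if ids:
            found[t] = ids
    return found, skipped

class StubCloudControl:
    """Constructed stand-in for boto3.client("cloudcontrol"); all data is made up."""
    PAGES = {
        ("AWS::EC2::VPC", None): {"ResourceDescriptions": [{"Identifier": "vpc-0aaa"}],
                                  "NextToken": "p2"},
        ("AWS::EC2::VPC", "p2"): {"ResourceDescriptions": [{"Identifier": "vpc-0bbb"}]},
        ("AWS::DynamoDB::Table", None): {"ResourceDescriptions": [{"Identifier": "orders"}]},
    }
    def list_resources(self, TypeName, NextToken=None):
        if (TypeName, NextToken) not in self.PAGES:
            raise RuntimeError("type cannot be listed")  # constructed failure case
        return self.PAGES[(TypeName, NextToken)]
```

With real credentials, the stub would be replaced by a boto3 cloudcontrol client created once per region.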