2024-03-06 09:49:46 +08:00
|
|
|
#!/usr/bin/env python3
|
2024-04-23 23:13:06 +08:00
|
|
|
"""
|
|
|
|
|
TODO:
|
|
|
|
|
get_discovered_resource_counts has a limit of 100 resources. need to use nextToken
|
|
|
|
|
to get count of all resources
|
|
|
|
|
"""
|
2024-03-06 09:49:46 +08:00
|
|
|
|
|
|
|
|
import boto3
|
2024-04-23 18:18:30 +08:00
|
|
|
import pandas as pd
|
|
|
|
|
import csv
|
2024-03-06 09:49:46 +08:00
|
|
|
|
|
|
|
|
client = boto3.client('config')
|
|
|
|
|
resp = client.get_discovered_resource_counts()
|
2024-04-23 23:13:06 +08:00
|
|
|
# print('totalDiscoveredResources', resp['totalDiscoveredResources'], sep=": ")
|
2024-04-23 18:18:30 +08:00
|
|
|
results = []
|
2024-03-06 09:49:46 +08:00
|
|
|
for item in resp['resourceCounts']:
|
|
|
|
|
reslist = client.list_discovered_resources(resourceType=item['resourceType'])
|
2024-04-23 23:13:06 +08:00
|
|
|
nextToken = reslist.get('nextToken')
|
|
|
|
|
while True:
|
|
|
|
|
for res in reslist['resourceIdentifiers']:
|
|
|
|
|
if item['resourceType'] in [
|
|
|
|
|
"AWS::Config::ResourceCompliance",
|
|
|
|
|
"AWS::Backup::RecoveryPoint",
|
|
|
|
|
"AWS::RDS::DBSnapshot",
|
|
|
|
|
"AWS::SSM::ManagedInstanceInventory",
|
|
|
|
|
"AWS::SSM::AssociationCompliance",
|
|
|
|
|
"AWS::IAM::Policy"
|
|
|
|
|
]:
|
|
|
|
|
continue
|
|
|
|
|
results += [[item['resourceType'], res['resourceId']]]
|
|
|
|
|
if nextToken is None:
|
|
|
|
|
break
|
|
|
|
|
reslist = client.list_discovered_resources(resourceType=item['resourceType'], nextToken=nextToken)
|
|
|
|
|
nextToken = reslist.get('nextToken')
|
2024-04-23 18:18:30 +08:00
|
|
|
|
|
|
|
|
df = pd.DataFrame(results, columns=['ResourceType', 'ResourceId'])
|
2024-04-23 23:13:06 +08:00
|
|
|
# print(df)
|
|
|
|
|
print(df.to_csv(index=False, quoting=csv.QUOTE_NONNUMERIC))
|
