aws-go-tool

command module
v0.0.0-...-d0fd1eb Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 20, 2023 License: Apache-2.0 Imports: 1 Imported by: 0

README

aws-go-tool

Flags

Access Type Flag

Required

The "-a" flag needs to be one of the following:

  • role
  • profile
  • instance

If the flag is role, then the tool assumes that a list of cross account role names are going to be passed in. They need to be configured in the shared config file ~/.aws/config as follows:

[profile <profileName>]
role_arn = arn:aws:iam::123456789012:role/<roleName>
source_profile = saml
region = us-east-1
output = json

The source_profile = saml is also required, as that profile name is hardcoded into the tool as of now. This is a profile that needs to be configured in your ~/.aws/credentials file, and have access to assume the list of roles passed into the tool.

If the flag is profile, then the list should be profiles setup in your ~/.aws/credentials file.

If the flag is instance, then the script needs to be run from an instance with cross account access to the config file you pass in.

Profiles Flag

Required

The "-p" flag needs to be passed as a text file, with 1 profile per line.

profile1
profile2
profile3
profile4
Tags Flag

Optional

The "-g" flag can be passed as a text file with one tag name per line, to be added to the csv output.

Name1
Name2
Name3
Name4

Supported Commands

  • EC2
    • instanceslist
    • volumeslist
    • snapshotslist
    • imagelist
    • imagecheck
      • Checks the images in the account for any the are in use by the instances, and how many use it. It does not check for the AMI being shared to other accounts.
    • sgslist
    • sgruleslist
  • IAM
    • policieslist
    • roleslist
    • rolesupdate
      • Still in progress, but updates the list of roles to an 8 hour assume role duration
    • userslist
    • userupdatepw
      • Use the "-u" flag to pass in the username you wish to update the password for.
  • S3
    • bucketslist
    • filesize
      • This is used to gather the size of all file types in the specified buckets. Either a file with a list of buckets can be entered with the -b flag, or "public-only" can be passed to the same flag. If a file with a list of buckets is passed, it will only search the first account in the profiles file passed. If the public-only parameter is passed, it will search through all the accounts in the profiles file.
  • SSM
    • removedocumentpermissions
  • VPC
    • vpcslist
    • subnetslist
  • Workspaces (in progress)
TODO
  • Add printer function for csv
  • Add global option for yaml, json, or csv output
    • Update print functions to have yaml/yaml config to determine what to output in the report
  • Add logging for functions as they are called
  • Update the userslist function to include access key information per user
  • Update SSM documentation

Linux - https://afeeblechild.s3-us-west-2.amazonaws.com/go-binaries/aws-go-tool-linux.zip

Windows - https://afeeblechild.s3-us-west-2.amazonaws.com/go-binaries/aws-go-tool-windows.zip

Mac - https://afeeblechild.s3-us-west-2.amazonaws.com/go-binaries/aws-go-tool-mac.zip

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Directories

Path Synopsis
lib
ec2
iam
s3
ssm
utils
vpc
workspace

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.