def list_from_aws(cls: Type["RDSInstanceResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: logger = Logger() dbinstances = {} paginator = client.get_paginator("describe_db_instances") for resp in paginator.paginate(): for db in resp.get("DBInstances", []): resource_arn = db["DBInstanceArn"] db["Tags"] = client.list_tags_for_resource( ResourceName=resource_arn).get("TagList", []) db["Backup"] = [] dbinstances[resource_arn] = db backup_paginator = client.get_paginator( "describe_db_instance_automated_backups") for resp in backup_paginator.paginate(): for backup in resp.get("DBInstanceAutomatedBackups", []): if backup["DBInstanceArn"] in dbinstances: dbinstances[backup["DBInstanceArn"]]["Backup"].append( backup) else: logger.info( event=AWSLogEvents.ScanAWSResourcesNonFatalError, msg= (f'Unable to find matching DB Instance {backup["DBInstanceArn"]} ' "(Possible Deletion)"), ) return ListFromAWSResult(resources=dbinstances)
def list_from_aws( cls: Type["TransitGatewayResourceSpec"], client: BaseClient, account_id: str, region: str ) -> ListFromAWSResult: """Return a dict of dicts of the format: {'tgw_1_arn': {tgw_1_dict}, 'tgw_2_arn': {tgw_2_dict}, ...} Where the dicts represent results from describe_transit_gateways.""" tgws = {} paginator = client.get_paginator("describe_transit_gateways") tgw_filters = [{"Name": "owner-id", "Values": [account_id]}] for resp in paginator.paginate(Filters=tgw_filters): for tgw in resp["TransitGateways"]: resource_arn = tgw["TransitGatewayArn"] vpc_attachments: List[Dict[str, Any]] = [] vpc_attachments_paginator = client.get_paginator( "describe_transit_gateway_attachments" ) vpc_filters = [ {"Name": "transit-gateway-id", "Values": [tgw["TransitGatewayId"]]}, {"Name": "resource-type", "Values": ["vpc"]}, ] for vpc_attachments_resp in vpc_attachments_paginator.paginate(Filters=vpc_filters): vpc_attachments += vpc_attachments_resp["TransitGatewayAttachments"] tgw["VPCAttachments"] = vpc_attachments tgws[resource_arn] = tgw return ListFromAWSResult(resources=tgws)
def list_from_aws( cls: Type["ClassicLoadBalancerResourceSpec"], client: BaseClient, account_id: str, region: str, ) -> ListFromAWSResult: """Return a dict of dicts of the format: {'lb_1_arn': {lb_1_dict}, 'lb_2_arn': {lb_2_dict}, ...} Where the dicts represent results from describe_load_balancers.""" paginator = client.get_paginator("describe_load_balancers") load_balancers = {} for resp in paginator.paginate(): for lb in resp["LoadBalancerDescriptions"]: lb_name = lb["LoadBalancerName"] resource_arn = cls.generate_arn(account_id=account_id, region=region, resource_id=lb_name) try: lb_attrs = cls.get_lb_attrs(client, lb_name) lb.update(lb_attrs) lb["Type"] = "classic" load_balancers[resource_arn] = lb except ClientError as c_e: if (getattr(c_e, "response", {}).get("Error", {}).get( "Code", {}) != "LoadBalancerNotFound"): raise c_e return ListFromAWSResult(resources=load_balancers)
def list_from_aws(cls: Type["OUResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: """Return a dict of dicts of the format: {'ou_1_arn': {ou_1_dict}, 'ou_2_arn': {ou_2_dict}, ...} Where the dicts represent results from list_organizational_units_for_parent with some additional info 'Path') tagged on.""" org_resp = client.describe_organization() org_arn = org_resp["Organization"]["Arn"] ous = {} paginator = client.get_paginator("list_roots") for resp in paginator.paginate(): for root in resp["Roots"]: root_id, root_arn = root["Id"], root["Arn"] root_path = f"/{root['Name']}" ous[root_arn] = root ous[root_arn]["OrganizationArn"] = org_arn ous[root_arn]["Path"] = root_path ou_details = cls._recursively_get_ou_details_for_parent( client=client, parent_id=root_id, parent_path=root_path) for ou_detail in ou_details: arn = ou_detail["Arn"] ou_detail["OrganizationArn"] = org_arn ous[arn] = ou_detail return ListFromAWSResult(resources=ous)
def list_from_aws( cls: Type["OrgsAccountResourceSpec"], client: BaseClient, account_id: str, region: str ) -> ListFromAWSResult: """Return a dict of dicts of the format: {'ou_1_arn': {org_1_dict}, 'ou_2_arn': {org_2_dict}, ...} Where the dicts represent results from list_accounts_for_parent.""" org_resp = client.describe_organization() org_arn = org_resp["Organization"]["Arn"] # get all ou ids and arns as a dict ou_ids_arns = get_ou_ids_arns(client) # now look up accounts for each ou orgs_accounts = {} accounts_paginator = client.get_paginator("list_accounts_for_parent") for parent_id, parent_arn in ou_ids_arns.items(): for accounts_resp in accounts_paginator.paginate(ParentId=parent_id): for account in accounts_resp["Accounts"]: account_id = account["Id"] account_arn = f"arn:aws::::account/{account_id}" account["OrganizationArn"] = org_arn account["OUArn"] = parent_arn orgs_accounts[account_arn] = account return ListFromAWSResult(resources=orgs_accounts)
def list_from_aws(cls: Type["TargetGroupResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: """Return a dict of dicts of the format: {'target_group_1_arn': {target_group_1_dict}, 'target_group_2_arn': {target_group_2_dict}, ...} Where the dicts represent results from describe_target_groups.""" paginator = client.get_paginator("describe_target_groups") resources = {} for resp in paginator.paginate(): for resource in resp.get("TargetGroups", []): resource_arn = resource["TargetGroupArn"] try: resource[ "TargetHealthDescriptions"] = get_target_group_health( client, resource_arn) resources[resource_arn] = resource except ClientError as c_e: error_code = getattr(c_e, "response", {}).get("Error", {}).get("Code", {}) if error_code != "TargetGroupNotFound": raise c_e return ListFromAWSResult(resources=resources)
def list_from_aws(cls: Type["EKSClusterResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: """Return a dict of dicts of the format: {'cluster_1_arn': {cluster_1_dict}, 'cluster_2_arn': {cluster_2_dict}, ...} Where the dicts represent results from list_clusters.""" clusters = {} try: paginator = client.get_paginator("list_clusters") for resp in paginator.paginate(): for cluster_name in resp.get("clusters", []): resource_arn = cls.generate_arn(account_id=account_id, region=region, resource_id=cluster_name) clusters[resource_arn] = {"Name": cluster_name} except ClientError as c_e: response_error = getattr(c_e, "response", {}).get("Error", {}) error_code = response_error.get("Code", "") if error_code != "AccessDeniedException": raise c_e error_msg = response_error.get("Message", "") if error_msg != f"Account {account_id} is not authorized to use this service": raise c_e return ListFromAWSResult(resources=clusters)
def list_from_aws(cls: Type["IAMRoleResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: """Return a dict of dicts of the format: {'role_1_arn': {role_1_dict}, 'role_2_arn': {role_2_dict}, ...} Where the dicts represent results from list_roles and additional info per role from list_targets_by_role.""" roles = {} paginator = client.get_paginator("list_roles") for resp in paginator.paginate(): for role in resp.get("Roles", []): role_name = role["RoleName"] assume_role_policy_document = copy.deepcopy( role["AssumeRolePolicyDocument"]) assume_role_policy_document_text = policy_doc_dict_to_sorted_str( assume_role_policy_document) role[ "AssumeRolePolicyDocumentText"] = assume_role_policy_document_text for statement in assume_role_policy_document.get( "Statement", []): for obj in statement.get("Condition", {}).values(): for obj_key in obj.keys(): if obj_key.lower() == "sts:externalid": obj[obj_key] = "REMOVED" policies_result = get_attached_role_policies(client, role_name) policies = policies_result role["PolicyAttachments"] = policies resource_arn = role["Arn"] roles[resource_arn] = role return ListFromAWSResult(resources=roles)
def list_from_aws(cls: Type["IAMPolicyResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: """Return a dict of dicts of the format: {'role_1_arn': {role_1_dict}, 'role_2_arn': {role_2_dict}, ...} Where the dicts represent results from list_policies and additional info per role from list_targets_by_role.""" policies = {} paginator = client.get_paginator("list_policies") for resp in paginator.paginate(Scope="Local"): for policy in resp.get("Policies", []): resource_arn = policy["Arn"] default_policy_version = policy["DefaultVersionId"] policy_version_resp = client.get_policy_version( PolicyArn=resource_arn, VersionId=default_policy_version) default_policy_version_document_text = policy_version_resp[ "PolicyVersion"]["Document"] policy[ "DefaultVersionPolicyDocumentText"] = policy_doc_dict_to_sorted_str( default_policy_version_document_text) policies[resource_arn] = policy return ListFromAWSResult(resources=policies)
def list_from_aws(cls: Type["IAMPolicyResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: """Return a dict of dicts of the format: {'role_1_arn': {role_1_dict}, 'role_2_arn': {role_2_dict}, ...} Where the dicts represent results from list_policies and additional info per role from list_targets_by_role.""" policies = {} paginator = client.get_paginator("list_policies") for resp in paginator.paginate(Scope="Local"): for policy in resp.get("Policies", []): resource_arn = policy["Arn"] default_policy_version = policy["DefaultVersionId"] try: default_policy_version_document_text = cls.get_policy_version_document_text( client=client, policy_arn=resource_arn, policy_version=default_policy_version, ) policy[ "DefaultVersionPolicyDocumentText"] = policy_doc_dict_to_sorted_str( default_policy_version_document_text) policies[resource_arn] = policy except ClientError as c_e: error_code = getattr(c_e, "response", {}).get("Error", {}).get("Code", {}) if error_code != "NoSuchEntity": raise c_e return ListFromAWSResult(resources=policies)
def list_from_aws(cls: Type["EventsRuleResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: """Return a dict of dicts of the format: {'rule_1_arn': {rule_1_dict}, 'rule_2_arn': {rule_2_dict}, ...} Where the dicts represent results from list_rules and additional info per rule from list_targets_by_rule.""" rules = {} paginator = client.get_paginator("list_rules") for resp in paginator.paginate(): for rule in resp.get("Rules", []): resource_arn = rule["Arn"] try: rule["Targets"] = list_targets_by_rule( client=client, rule_name=rule["Name"]) rules[resource_arn] = rule except ClientError as c_e: error_code = getattr(c_e, "response", {}).get("Error", {}).get("Code", {}) if error_code != "ResourceNotFoundException": raise c_e return ListFromAWSResult(resources=rules)
def list_from_aws(cls: Type["ACMCertificateResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: cert_arns: List[str] = [] paginator = client.get_paginator("list_certificates") for resp in paginator.paginate( Includes={ "keyTypes": [ "RSA_1024", "RSA_2048", "RSA_3072", "RSA_4096", "EC_prime256v1", "EC_secp384r1", "EC_secp521r1", ] }): cert_arns.extend([ cert_dict["CertificateArn"] for cert_dict in resp.get("CertificateSummaryList", []) ]) certs: Dict[str, Dict[str, Any]] = {} for cert_arn in cert_arns: try: cert_data = get_cert_data(client=client, cert_arn=cert_arn) certs[cert_arn] = cert_data except ClientError as c_e: error_code = getattr(c_e, "response", {}).get("Error", {}).get("Code", {}) if error_code not in ("ResourceNotFoundException", ): raise c_e return ListFromAWSResult(resources=certs)
def get_detector_members(cls: Type["DetectorResourceSpec"], client: BaseClient, detector_id: str, region: str) -> List[Dict[str, Any]]: member_resps: List[Dict[str, Any]] = [] list_members_paginator = client.get_paginator("list_members") for list_members_resp in list_members_paginator.paginate( DetectorId=detector_id): member_resps += list_members_resp.get("Members", []) members = [] if member_resps: for member_resp in member_resps: member_account_id = member_resp["AccountId"] member_detector_id = member_resp["DetectorId"] # member_email = member_resp["Email"] member_email = member_resp.get("Email", "[NONE]") member_relationship_status = member_resp["RelationshipStatus"] # member_invited_at = member_resp["InvitedAt"] member_invited_at = member_resp.get("InvitedAt", "[NONE]") member_updated_at = member_resp["UpdatedAt"] member_detector_arn = cls.generate_arn( account_id=member_account_id, region=region, resource_id=member_detector_id, ) member = { "DetectorArn": member_detector_arn, "Email": member_email, "RelationshipStatus": member_relationship_status, "InvitedAt": member_invited_at, "UpdatedAt": member_updated_at, } members.append(member) return members
def list_from_aws(cls: Type["DetectorResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: """Return a dict of dicts of the format: {'detector_1_arn': {detector_1_dict}, 'detector_2_arn': {detector_2_dict}, ...} Where the dicts represent results from list_detectors and list_members, get_detector for each listed detector.""" list_detectors_paginator = client.get_paginator("list_detectors") detectors: Dict[str, Dict[str, Any]] = {} for list_detectors_resp in list_detectors_paginator.paginate(): detector_ids = list_detectors_resp["DetectorIds"] for detector_id in detector_ids: resource_arn = cls.generate_arn(account_id=account_id, region=region, resource_id=detector_id) try: detectors[resource_arn] = cls.get_detector( client, detector_id, region) except ClientError as c_e: error_code = getattr(c_e, "response", {}).get("Error", {}).get("Code", {}) if error_code != "BadRequestException": raise c_e return ListFromAWSResult(resources=detectors)
def list_from_aws(cls: Type["IAMUserResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: """Return a dict of dicts of the format: {'user_1_arn': {user_1_dict}, 'user_2_arn': {user_2_dict}, ...} Where the dicts represent results from list_users and additional info per user from list_targets_by_user.""" users = {} paginator = client.get_paginator("list_users") for resp in paginator.paginate(): for user in resp.get("Users", []): resource_arn = user["Arn"] user_name = user["UserName"] access_keys_paginator = client.get_paginator( "list_access_keys") access_keys: List[Dict[str, Any]] = [] for access_keys_resp in access_keys_paginator.paginate( UserName=user_name): for resp_access_key in access_keys_resp[ "AccessKeyMetadata"]: access_key = copy.deepcopy(resp_access_key) access_key_id = access_key["AccessKeyId"] last_used_resp = client.get_access_key_last_used( AccessKeyId=access_key_id) access_key["AccessKeyLastUsed"] = last_used_resp[ "AccessKeyLastUsed"] access_keys.append(access_key) user["AccessKeys"] = access_keys mfa_devices_paginator = client.get_paginator( "list_mfa_devices") mfa_devices: List[Dict[str, Any]] = [] for mfa_devices_resp in mfa_devices_paginator.paginate( UserName=user_name): mfa_devices += mfa_devices_resp["MFADevices"] user["MfaDevices"] = mfa_devices try: login_profile_resp = client.get_login_profile( UserName=user_name) user["LoginProfile"] = login_profile_resp["LoginProfile"] except ClientError as c_e: if "NoSuchEntity" not in str(c_e): raise c_e users[resource_arn] = user return ListFromAWSResult(resources=users)
def list_targets_by_rule(client: BaseClient, rule_name: str) -> List[Dict[str, Any]]: """Return a list of target dicts for a given rule name""" targets = [] targets_paginator = client.get_paginator("list_targets_by_rule") for targets_resp in targets_paginator.paginate(Rule=rule_name): targets += targets_resp.get("Targets", []) return targets
def get_attached_role_policies(client: BaseClient, role_name: str) -> List[Dict[str, Any]]: """Get attached role policies""" policies = [] paginator = client.get_paginator("list_attached_role_policies") for resp in paginator.paginate(RoleName=role_name): for policy in resp.get("AttachedPolicies", []): policies.append(policy) return policies
def parse_paginators( client: BaseClient, service_paginator_model: PaginatorModel ) -> Generator[Paginator, None, None]: for paginator_name in sorted(service_paginator_model._paginator_config): paginator = client.get_paginator(xform_name(paginator_name)) yield Paginator( paginator._model.name, list(parse_methods(get_instance_public_methods(paginator))))
def get_embedded_role_policies(client: BaseClient, role_name: str) -> List[Dict[str, Any]]: """Get attached embedded policies""" policies = [] paginator = client.get_paginator("list_role_policies") for resp in paginator.paginate(RoleName=role_name): for policy_name in resp.get("PolicyNames", []): policy = get_embedded_role_policy(client, role_name, policy_name) policies.append(policy) return policies
def list_from_aws( cls: Type["EC2RouteTableResourceSpec"], client: BaseClient, account_id: str, region: str ) -> ListFromAWSResult: paginator = client.get_paginator("describe_route_tables") route_tables = {} for resp in paginator.paginate(): for attachment in resp.get("RouteTables", []): resource_arn = cls.generate_arn(account_id, region, attachment["RouteTableId"]) route_tables[resource_arn] = attachment return ListFromAWSResult(resources=route_tables)
def list_from_aws(cls: Type["SecurityGroupResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: """Return a dict of dicts of the format: {'security_group_1_arn': {security_group_1_dict}, 'security_group_2_arn': {security_group_2_dict}, ...} Where the dicts represent results from describe_subnets.""" security_groups = {} paginator = client.get_paginator("describe_security_groups") for resp in paginator.paginate(): for security_group in resp.get("SecurityGroups", []): resource_arn = cls.generate_arn( account_id=account_id, region=region, resource_id=security_group["GroupId"]) for ingress_rule in security_group.get("IpPermissions", []): for ip_range in ingress_rule.get("IpRanges", []): cidr = ip_range["CidrIp"] ipv4_network = ipaddress.IPv4Network(cidr, strict=False) first_ip, last_ip = int(ipv4_network[0]), int( ipv4_network[-1]) ip_range["FirstIp"] = first_ip ip_range["LastIp"] = last_ip for ip_range in ingress_rule.get("Ipv6Ranges", []): cidr = ip_range["CidrIpv6"] ipv6_network = ipaddress.IPv6Network(cidr, strict=False) first_ip, last_ip = int(ipv6_network[0]), int( ipv6_network[-1]) ip_range["FirstIp"] = first_ip ip_range["LastIp"] = last_ip for egress_rule in security_group.get("IpPermissionsEgress", []): for ip_range in egress_rule.get("IpRanges", []): cidr = ip_range["CidrIp"] ipv4_network = ipaddress.IPv4Network(cidr, strict=False) first_ip, last_ip = int(ipv4_network[0]), int( ipv4_network[-1]) ip_range["FirstIp"] = first_ip ip_range["LastIp"] = last_ip for ip_range in egress_rule.get("Ipv6Ranges", []): cidr = ip_range["CidrIpv6"] ipv6_network = ipaddress.IPv6Network(cidr, strict=False) first_ip, last_ip = int(ipv6_network[0]), int( ipv6_network[-1]) ip_range["FirstIp"] = first_ip ip_range["LastIp"] = last_ip security_groups[resource_arn] = security_group return ListFromAWSResult(resources=security_groups)
def list_from_aws(cls: Type["RDSSnapshotResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: dbinstances = {} paginator = client.get_paginator("describe_db_snapshots") for resp in paginator.paginate(): for db in resp.get("DBSnapshots", []): resource_arn = db["DBSnapshotArn"] db["DBInstanceArn"] = cls.generate_instance_arn( account_id, region, db["DBInstanceIdentifier"]) dbinstances[resource_arn] = db return ListFromAWSResult(resources=dbinstances)
def list_from_aws( cls: Type["HostedZoneResourceSpec"], client: BaseClient, account_id: str, region: str ) -> ListFromAWSResult: """Return a dict of dicts of the format: {'hosted_zone_1_arn': {hosted_zone_1_dict}, 'hosted_zone_2_arn': {hosted_zone_2_dict}, ...} Where the dicts represent results from list_hosted_zones.""" hosted_zones = {} paginator = client.get_paginator("list_hosted_zones") for resp in paginator.paginate(): for hosted_zone in resp.get("HostedZones", []): hosted_zone_id = hosted_zone["Id"].split("/")[-1] resource_arn = cls.generate_arn(resource_id=hosted_zone_id, account_id=account_id) record_sets_paginator = client.get_paginator("list_resource_record_sets") zone_resource_record_sets = [] for record_sets_resp in record_sets_paginator.paginate(HostedZoneId=hosted_zone_id): zone_resource_record_sets += record_sets_resp.get("ResourceRecordSets", []) hosted_zone["ResourceRecordSets"] = zone_resource_record_sets hosted_zones[resource_arn] = hosted_zone return ListFromAWSResult(resources=hosted_zones)
def list_from_aws(cls: Type["EventsRuleResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: """Return a dict of dicts of the format: {'rule_1_arn': {rule_1_dict}, 'rule_2_arn': {rule_2_dict}, ...} Where the dicts represent results from list_rules and additional info per rule from list_targets_by_rule.""" rules = {} paginator = client.get_paginator("list_rules") for resp in paginator.paginate(): for rule in resp.get("Rules", []): resource_arn = rule["Arn"] rules[resource_arn] = rule targets_paginator = client.get_paginator( "list_targets_by_rule") rule["Targets"] = [] for targets_resp in targets_paginator.paginate( Rule=rule["Name"]): rule["Targets"] += targets_resp.get("Targets", []) return ListFromAWSResult(resources=rules)
def list_from_aws(cls: Type["OrgsAccountResourceSpec"], client: BaseClient, account_id: str, region: str) -> ListFromAWSResult: """Return a dict of dicts of the format: {'ou_1_arn': {org_1_dict}, 'ou_2_arn': {org_2_dict}, ...} Where the dicts represent results from list_accounts_for_parent.""" org_resp = client.describe_organization() org_arn = org_resp["Organization"]["Arn"] # get all parents. parents include roots and ous. parent_ids_arns = {} paginator = client.get_paginator("list_roots") for resp in paginator.paginate(): for root in resp["Roots"]: root_id, root_arn = root["Id"], root["Arn"] parent_ids_arns[root_id] = root_arn root_path = f"/{root['Name']}" ou_details = cls._recursively_get_ou_details_for_parent( client=client, parent_id=root_id, parent_path=root_path) for ou_detail in ou_details: ou_id, ou_arn = ou_detail["Id"], ou_detail["Arn"] parent_ids_arns[ou_id] = ou_arn # now look up accounts for each ou orgs_accounts = {} accounts_paginator = client.get_paginator("list_accounts_for_parent") for parent_id, parent_arn in parent_ids_arns.items(): for accounts_resp in accounts_paginator.paginate( ParentId=parent_id): for account in accounts_resp["Accounts"]: account_id = account["Id"] account_arn = f"arn:aws::::account/{account_id}" account["OrganizationArn"] = org_arn account["OUArn"] = parent_arn orgs_accounts[account_arn] = account return ListFromAWSResult(resources=orgs_accounts)
def _recursively_get_ou_details_for_parent( cls: Type["OUResourceSpec"], client: BaseClient, parent_id: str, parent_path: str) -> List[Dict[str, Any]]: ous = [] paginator = client.get_paginator( "list_organizational_units_for_parent") for resp in paginator.paginate(ParentId=parent_id): for ou in resp["OrganizationalUnits"]: ou_id = ou["Id"] path = f"{parent_path}/{ou['Name']}" ou["Path"] = path ous.append(ou) ous += cls._recursively_get_ou_details_for_parent( client=client, parent_id=ou_id, parent_path=path) return ous
def parse_paginators( client: BaseClient, service_paginator_model: PaginatorModel ) -> Generator[Paginator, None, None]: paginator_config = ( service_paginator_model._paginator_config # pylint: disable=protected-access ) for paginator_name in sorted(paginator_config): paginator = client.get_paginator(xform_name(paginator_name)) paginator_model = paginator._model # pylint: disable=protected-access yield Paginator( name=paginator_model.name, docstring=clean_doc(getdoc(paginator)), methods=list(parse_methods( get_instance_public_methods(paginator))), )
def get_ou_ids_arns(client: BaseClient) -> Dict[str, str]: """Build and return a dict of OU ids to arns""" ou_ids_arns = {} paginator = client.get_paginator("list_roots") for resp in paginator.paginate(): for root in resp["Roots"]: root_id, root_arn = root["Id"], root["Arn"] ou_ids_arns[root_id] = root_arn root_path = f"/{root['Name']}" ou_details = recursively_get_ou_details_for_parent( client=client, parent_id=root_id, parent_path=root_path ) for ou_detail in ou_details: ou_id, ou_arn = ou_detail["Id"], ou_detail["Arn"] ou_ids_arns[ou_id] = ou_arn return ou_ids_arns
def list_from_aws( cls: Type["TransitGatewayVpcAttachmentResourceSpec"], client: BaseClient, account_id: str, region: str, ) -> ListFromAWSResult: paginator = client.get_paginator( "describe_transit_gateway_vpc_attachments") attachments = {} for resp in paginator.paginate(): for attachment in resp.get("TransitGatewayVpcAttachments", []): resource_arn = cls.generate_arn( account_id, region, attachment["TransitGatewayAttachmentId"]) attachments[resource_arn] = attachment return ListFromAWSResult(resources=attachments)
def list_from_aws( cls: Type["VPCPeeringConnectionResourceSpec"], client: BaseClient, account_id: str, region: str, ) -> ListFromAWSResult: """Return a dict of dicts of the format: {'vpc_peering_connection_1_arn': {vpc_peering_connection_1_dict}, 'vpc_peering_connection_2_arn': {vpc_peering_connection_2_dict}, ...} Where the dicts represent results from describe_vpc_peering_connections.""" vpc_peering_connections = {} paginator = client.get_paginator("describe_vpc_peering_connections") for resp in paginator.paginate(): for vpc_pc in resp["VpcPeeringConnections"]: resource_arn = cls.generate_arn( resource_id=vpc_pc["VpcPeeringConnectionId"], account_id=account_id, region=region, ) accepter_info = vpc_pc["AccepterVpcInfo"] accepter_account_id = accepter_info["OwnerId"] accepter_vpc_id = accepter_info["VpcId"] accepter_region = accepter_info["Region"] accepter_vpc_arn = VPCResourceSpec.generate_arn( resource_id=accepter_vpc_id, account_id=accepter_account_id, region=accepter_region, ) requester_info = vpc_pc["RequesterVpcInfo"] requester_account_id = requester_info["OwnerId"] requester_vpc_id = requester_info["VpcId"] requester_region = requester_info["Region"] requester_vpc_arn = VPCResourceSpec.generate_arn( resource_id=requester_vpc_id, account_id=requester_account_id, region=requester_region, ) vpc_peering_connection = { "AccepterVpc": accepter_vpc_arn, "RequesterVpc": requester_vpc_arn, "Status": vpc_pc["Status"]["Code"], } vpc_peering_connections[resource_arn] = vpc_peering_connection return ListFromAWSResult(resources=vpc_peering_connections)