def regions():
    """Return the EC2 DescribeRegions response seen from the first account.

    A role is assumed into ``accounts_db.accounts[0]`` and the credentials it
    yields are used to build an EC2 client pinned to ``us-east-1``.

    Returns:
        The response of ``ec2.describe_regions()``, or ``None`` when
        ``assume_role.new_role`` returns a falsy value.

    Note:
        ``describe_regions()`` is called without ``AllRegions``, so the
        response covers only the regions enabled for that one account.
    """
    role = assume_role.new_role(accounts_db.accounts[0])
    if not role:
        return None

    # `role` carries the secret key and session token, so it is only
    # forwarded to boto3 here and never printed or stored.
    creds = role.get('Credentials')
    ec2 = boto3.client(
        'ec2',
        region_name='us-east-1',
        aws_access_key_id=creds.get('AccessKeyId'),
        aws_secret_access_key=creds.get('SecretAccessKey'),
        aws_session_token=creds.get('SessionToken'),
    )
    return ec2.describe_regions()
def regions():
    """Fetch the region list through a role assumed into the first account.

    Builds an EC2 client for ``us-east-1`` from the ``Credentials`` entry of
    the role returned by ``assume_role.new_role`` and returns the result of
    ``describe_regions()``. When no role is obtained the function returns
    ``None``, which callers can treat as "account not reachable".

    ``describe_regions()`` is called with no arguments, so only regions
    enabled for that account appear in the response.
    """
    role = assume_role.new_role(accounts_db.accounts[0])
    if role:
        # The credentials mapping holds the secret key and session token;
        # pass it on to the client and nowhere else.
        session_creds = role.get("Credentials")
        client_kwargs = {
            "region_name": "us-east-1",
            "aws_access_key_id": session_creds.get("AccessKeyId"),
            "aws_secret_access_key": session_creds.get("SecretAccessKey"),
            "aws_session_token": session_creds.get("SessionToken"),
        }
        return boto3.client("ec2", **client_kwargs).describe_regions()
    return None
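# Probe for account presence: the result of get_session.regions() is only
# truth-tested here, it is not iterated.
regions = get_session.regions()
if regions:
    # The header row goes into the shared result list before any worker starts.
    output_bucket.append(iam_helper.inventory_managed_policies_header(encode))

    # Go through each account, one worker thread per reachable account.
    multi_thread = []
    # The original note describes `account` and the role credentials as dicts
    # -- TODO confirm against accounts_db and assume_role.
    for account in accounts_db.accounts:
        # Get temporary credentials from the trusting role in this account.
        role = assume_role.new_role(account)
        # NOTE(review): a falsy role skips the account and nothing is appended
        # to output_bucket for it here, so the inventory has a gap with no
        # marker -- confirm that assume_role.new_role reports the failure.
        if role:
            # Make an IAM client connection with those credentials.
            iam = get_session.connect(role, 'iam')
            # Run iam_helper.inventory_managed_policies for this account in
            # its own thread; every worker receives the same output_bucket.
            thread_call = threading.Thread(
                target=iam_helper.inventory_managed_policies,
                args=(iam, account, output_bucket, encode),
            )
            multi_thread.append(thread_call)
            thread_call.start()
# NOTE(review): nothing in this excerpt joins the threads in multi_thread;
# output_bucket is complete only once every worker has finished -- confirm
# the join happens before the results are read.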
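# main

# Bucket to hold results; the same list object is handed to every worker.
output_bucket = []

# Probe for account presence: the result of get_session.regions() is only
# truth-tested here, it is not iterated.
regions = get_session.regions()
if regions:
    # The header row goes in before any worker thread is started.
    output_bucket.append(s3_helper.list_potential_exposed_files_header())

    # Go through each account, one worker thread per reachable account.
    multi_thread = []
    # The original note describes `account` and the role credentials as dicts
    # -- TODO confirm against accounts_db and assume_role.
    for account in accounts_db.accounts:
        # Get temporary credentials from the trusting role in this account.
        role = assume_role.new_role(account)
        # NOTE(review): a falsy role skips the account and nothing is appended
        # to output_bucket for it here, so an unreachable account looks the
        # same as one that was never listed -- confirm that
        # assume_role.new_role reports the failure.
        if role:
            # Make an S3 client connection with those credentials.
            s3 = get_session.connect(role, 's3')
            # Run s3_helper.list_potential_exposed_files for this account in
            # its own thread.
            thread_call = threading.Thread(
                target=s3_helper.list_potential_exposed_files,
                args=(s3, account, output_bucket),
            )
            multi_thread.append(thread_call)
            thread_call.start()

    # Wait for all threads to finish so output_bucket is complete before it
    # is read. Kept inside the `if` because multi_thread exists only here.
    for t in multi_thread:
        t.join()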