U {l^@sddlZddlZddlZddlmZmZmZddlZddlm Z ddl m Z m Z m Z mZmZmZedZeejdejGdddZdS) N)IteratorListOptional) ClientError) DataMapper EC2DataMapper ElbDataMapperDynamoDbTableDataMapper InventoryData RdsDataMapperzinventory.readers LOG_LEVELc@sreZdZedeeeegfddZ ejdddZ e e e e ddd Zd d Ze edd d ZdS)AwsConfigInventoryReaderstscCs||_||_||_dS)N)_lambda_context _sts_client_mappers)selflambda_context sts_clientmappersrH/Users/csantosb/Documents/Writing/inventory/rpt/src/inventory/readers.py__init__sz!AwsConfigInventoryReader.__init__)returncCs2tjd|dd|dd|ddtjddS)NconfigZ CredentialsZ AccessKeyIdZSecretAccessKeyZ SessionTokenZ AWS_REGION)Zaws_access_key_idZaws_secret_access_keyZaws_session_tokenZ region_name)boto3clientosenviron)r sts_responserrr_get_config_clients    z+AwsConfigInventoryReader._get_config_client) account_idrc csztd||jjd|d|dtjd|ddd}||}d }|jd |d }| d d }| d g}t dt |d|d|V|sPqqPWn:t k r}ztj d||ddgVW5d}~XYnXdS)Nzassuming role on account zarn:z:iam::z:role/CROSS_ACCOUNT_ROLE_NAMEz -Assumed-Rolei)ZRoleArnZRoleSessionNameZDurationSecondszSELECT arn, resourceType, configuration, tags WHERE resourceType IN ('AWS::EC2::Instance', 'AWS::ElasticLoadBalancingV2::LoadBalancer', 'AWS::ElasticLoadBalancing::LoadBalancer', 'AWS::DynamoDB::Table', 'AWS::RDS::DBInstance')) Expression NextTokenr%Resultszpage returned z and next token of ''zXReceived error: %s while retrieving resources from account %s, moving onto next account.T)exc_info)_loggerinforZ assume_role_get_aws_partitionrrr select_resource_configgetdebuglenrerror)rr!rZ config_clientZ next_tokenZresources_resultresultsexrrr_get_resources_from_accounts($   z4AwsConfigInventoryReader._get_resources_from_accountcCs&|jjd}t|dkr"|dSdS)N:r#)rinvoked_function_arnsplitr/)rZ arn_partsrrrr+;sz+AwsConfigInventoryReader._get_aws_partitioncstdg}ttjd}|D]}td|d||dD]}tdt|d|D]b}t|t fdd|j Dd}|st d d qft| }d krf| |qfqHq"td t||S) Nz/starting retrieval of inventory from AWS Config ACCOUNT_LISTz!retrieving inventory for account idz$current page of inventory contained z items from AWS Configc3s |]}|dr|VqdS) resourceTypeN)can_map).0mapperresourcerr QszKAwsConfigInventoryReader.get_resources_from_all_accounts..z=skipping mapping, unable to find mapper for resource type of r:rz-completed getting inventory, with a total of )r)r*jsonloadsrrr3r.r/nextrwarningmapextend)r all_inventoryZaccountsZaccountZresource_list_pageZ raw_resourcer=Zinventory_itemsrr>rget_resources_from_all_accounts@s"  z8AwsConfigInventoryReader.get_resources_from_all_accountsN)__name__ __module__ __qualname__rrrrr r rr strrrr3r+r rHrrrrr s $r )rAloggingrtypingrrrrbotocore.exceptionsrinventory.mappersrrrr r r getLoggerr)setLevelrr-INFOr rrrrs