Author: Yash Jhunjhunwala
The AWS Resource Counter is a Python script that allows you to count various AWS resources across your AWS organization or within a specific AWS account. It provides valuable insights into resource utilization, helping you keep track of your AWS resource usage efficiently.
Features:
- Count resources such as EC2 instances, Lambda functions, ECS Fargate tasks, EKS clusters, ECR repositories, and ECR images.
- Supports both organization-level and account-level resource counting.
- Concurrently counts resources across multiple AWS regions for improved performance.
- Logs resource counts and errors to a log file for auditing and troubleshooting.
Before running the script, ensure you have the following prerequisites:
- Python: Make sure you have Python 3.x installed on your system.
- AWS CLI Configuration: Ensure that the AWS CLI is configured with the necessary AWS access and secret keys. You can configure AWS CLI credentials with the following command:
aws configure
- Boto3 Library: Install the Boto3 library, which is used to interact with AWS services. You can install it using pip:
pip install boto3
- Concurrent.futures Library: Install the concurrent.futures library for concurrent execution of resource counting tasks (note that concurrent.futures is already part of the Python 3 standard library; the futures package on PyPI is the Python 2 backport, so this step is only needed on Python 2):
pip install futures
- TQDM Library (Optional): Install the TQDM library for progress bars:
pip install tqdm
To run this script successfully, you need to ensure that the AWS IAM user or role you use to execute the script has the following permissions:
- sts:AssumeRole: Permission to assume roles in member accounts (for organization-level counting).
- organizations:ListAccounts and organizations:ListAccountsForParent: Permissions to list AWS accounts within the organization.
- organizations:DescribeOrganization and organizations:DescribeOrganizationalUnit: Permissions to describe the organization's structure.
- ec2:DescribeInstances: Permission to describe EC2 instances.
- ec2:DescribeRegions: Permission to describe EC2 regions.
- lambda:ListFunctions: Permission to list Lambda functions.
- ecs:ListClusters and ecs:ListTasks: Permissions to list ECS clusters and tasks.
- eks:ListClusters: Permission to list EKS clusters.
- ecr:DescribeRepositories and ecr:DescribeImages: Permissions to describe ECR repositories and images.
Ensure that the IAM user or role you use has these permissions attached. You can configure these permissions using the AWS IAM console or by updating the IAM policy associated with the user or role.
- Sample Policy for the user
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "memberaccountsaccess",
      "Effect": "Allow",
      "Action": "sts:AssumeRole",
      "Resource": [
        "arn:aws:iam::*:role/OrganizationAccountAccessRole"
      ]
    },
    {
      "Sid": "scriptaccess",
      "Effect": "Allow",
      "Action": [
        "organizations:ListAccounts",
        "organizations:DescribeOrganization",
        "ec2:DescribeInstances",
        "lambda:ListFunctions",
        "ecs:ListClusters",
        "ecs:ListTasks",
        "eks:ListClusters",
        "ecr:DescribeRepositories",
        "ecr:DescribeImages"
      ],
      "Resource": [
        "*"
      ]
    }
  ]
}
Note that this sample policy does not include ec2:DescribeRegions, organizations:ListAccountsForParent or organizations:DescribeOrganizationalUnit, which appear in the permission list above; add them to the scriptaccess statement if your run needs them. The sts:AssumeRole statement is scoped to the OrganizationAccountAccessRole name only, so the identity cannot assume arbitrary roles in member accounts.
Follow these steps to get started with AWS Resource Counter:
- Clone the repository to your local machine:
git clone https://github.com/Qualys/totalcloud_resource_counter.git
- Change to the project directory:
cd totalcloud_resource_counter/aws
- Install dependencies in a virtual environment (recommended):
python -m venv venv
source venv/bin/activate  # On Windows, use: venv\Scripts\activate
pip install -r requirements.txt
- To count AWS resources, run the script and follow the prompts.
python3 aws-resource-counter.py
- Select the resource counting type (organization or account).
- Provide the Management Account Access Key and Secret Key when prompted.
- The script will start counting resources across your organization or account and display progress using TQDM (if installed).
- Resource counts and any errors encountered will be logged to a file named resource_count.log.
- The final resource counts for each region and the total counts will be displayed.
The script generates a CSV file named resource_counts.csv that contains the resource counts for each AWS account (for organization-level counting) or for the single AWS account (for account-level counting).
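The two mechanisms the script relies on, assuming OrganizationAccountAccessRole in a member account and counting one resource type across regions concurrently, are shown below in an added example that is not the project's own code. The STS call, the NextToken pagination of DescribeInstances and the per-region error capture are real boto3/EC2 API behaviour; FakeEC2 and SAMPLE are constructed stand-ins so the code runs offline, and a real run would replace the lambda with boto3.client("ec2", region_name=region, **creds).

```python
from concurrent.futures import ThreadPoolExecutor
ROLE_NAME = "OrganizationAccountAccessRole"  # the only role the sample policy permits

def member_account_credentials(sts_client, account_id, role_name=ROLE_NAME):
    """Assume the member-account role; returns kwargs for boto3.client()."""
    resp = sts_client.assume_role(
        RoleArn=f"arn:aws:iam::{account_id}:role/{role_name}",
        RoleSessionName="aws-resource-counter")
    c = resp["Credentials"]
    return {"aws_access_key_id": c["AccessKeyId"],
            "aws_secret_access_key": c["SecretAccessKey"],
            "aws_session_token": c["SessionToken"]}

def count_ec2_instances(ec2_client):
    """Count instances in one region, following DescribeInstances NextToken pages."""
    total, token = 0, None
    while True:
        page = ec2_client.describe_instances(**({"NextToken": token} if token else {}))
        total += sum(len(r.get("Instances", [])) for r in page.get("Reservations", []))
        token = page.get("NextToken")
        if not token:
            return total

def count_ec2_per_region(regions, ec2_client_for, max_workers=8):
    """Count every region concurrently; ec2_client_for(region) yields an EC2 client.
    A region whose call fails is recorded as an error rather than aborting the run."""
    def one(region):
        try:
            return region, count_ec2_instances(ec2_client_for(region))
        except Exception as exc:  # e.g. AccessDenied or a disabled opt-in region
            return region, f"error: {exc}"
    with ThreadPoolExecutor(max_workers=max_workers) as pool:
        return dict(pool.map(one, regions))

class FakeEC2:  # constructed stand-in for a boto3 EC2 client (offline demo only)
    def __init__(self, pages):
        self.pages = iter(pages) if pages is not None else None
    def describe_instances(self, **kwargs):
        if self.pages is None:
            raise RuntimeError("AccessDenied")
        return next(self.pages)

# Constructed sample: two pages in us-east-1, one in eu-west-1, ap-south-1 fails.
SAMPLE = {"us-east-1": [{"Reservations": [{"Instances": [{}, {}]}], "NextToken": "p2"},
                        {"Reservations": [{"Instances": [{}]}]}],
          "eu-west-1": [{"Reservations": [{"Instances": [{}, {}, {}]}]}],
          "ap-south-1": None}

def demo():
    return count_ec2_per_region(list(SAMPLE), lambda r: FakeEC2(SAMPLE[r]))
```

demo() returns {'us-east-1': 3, 'eu-west-1': 3, 'ap-south-1': 'error: AccessDenied'}: the failing region is reported alongside the counts, which is the behaviour the resource_count.log error entries reflect.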