Is there a way to list all resources in AWS?

codestyles 2020. 9. 3. 19:18

Is there a way to list all resources in AWS? For all regions, all resources... such as listing all EC2 instances, all VPCs, all APIs in API Gateway, etc. I want to list all resources for my account, because it is hard for me to find which resources I can give up now.


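No.

Each AWS service (e.g. Amazon EC2, Amazon S3) has its own set of API calls. Also, each region is independent.

To get a list of all resources, you would have to make API calls to every service in every region.

You can enable AWS Config.

AWS Config provides a detailed view of the configuration of AWS resources in your AWS account. This includes how the resources are related to one another and how they were configured in the past, so that you can see how the configurations and relationships change over time.

However, AWS Config only collects information about EC2/VPC-related resources, not everything in your AWS account.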


Yes. Use the Tag Editor. You can click through to manage individual resources.

https://docs.aws.amazon.com/awsconsolehelpdocs/latest/gsg/tag-editor.html


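You can use the Tag Editor.

  1. Go to the AWS Console.
  2. In the top navigation pane, click the Resource Groups drop-down.
  3. Click Tag Editor. AWS lists all resources in all regions.

Here you can select a specific region to search, or select all regions from the drop-down. Then you can select the actual resources you want to search for, or you can also click on individual resources.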


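Use PacBot (Policy as Code Bot), an open source project that is a platform for continuous compliance monitoring, compliance reporting and security automation for the cloud. All resources across all accounts and all regions are discovered by PacBot and evaluated against these policies to gauge policy conformance. An Omni Search feature is also available, giving the ability to search all discovered resources. You can terminate/delete resource information through PacBot.

Screenshots: Omni Search; search results page with results filtering; Asset 360 / asset details page.

The key capabilities of PacBot are as follows: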

  • Continuous compliance assessment.
  • Detailed compliance reporting.
  • Auto-Fix for policy violations.
  • Omni Search - Ability to search all discovered resources.
  • Simplified policy violation tracking.
  • Self-Service portal.
  • Custom policies and custom auto-fix actions.
  • Dynamic asset grouping to view compliance.
  • Ability to create multiple compliance domains.
  • Exception management.
  • Email Digests.
  • Supports multiple AWS accounts.
  • Completely automated installer.
  • Customizable dashboards.
  • OAuth2 Support.
  • Azure AD integration for login.
  • Role-based access control.
  • Asset 360 degree.

I'd go with the "tag editor" in "resource groups" for this, as suggested by Ashwini.

You can easily list all resources in all regions without any setup etc.
And although this does include all the default VPCs + security groups etc (so you'll get ~140 items even if your account is empty), you can still fairly easily filter this, either within tag editor, or export to csv and filter in Excel, for example.


The AWS-provided tools are not useful because they are not comprehensive.

In my own quest to mitigate this problem and pull a list of all of my AWS resources, I found this: https://github.com/JohannesEbke/aws_list_all

I have not tested it yet, but it looks legit.


AWS wants you to forget resources and then pay for them...


The AWS Billing Management Console will give you a Month-to-Date Spend by Service rundown.


Yes.

I had the same issue, trying to figure out what exactly is going on in my AWS account.

Eventually, I ended up writing AWSRetriver, a desktop tool to list AWS resources on all regions.

It is a simple and straightforward tool that lists everything... (hopefully)


I know it is an old question but I would like to help too.

Actually, we have AWS Config, which helps us to search for all resources in our cloud. You can perform SQL queries too.

I really encourage you all to know this awesome service.


I am also looking for a similar feature, "list all resources", in AWS but could not find anything good enough.

"Resource Groups" does not help because it only lists resources which have been tagged, and the user has to specify the tag. If you forget to tag a resource, it won't appear in "Resource Groups".

UI of "Create a resource group"

A more suitable feature is "Resource Groups"->"Tag Editor", as already mentioned in the previous post. Select region(s) and resource type(s) to see a listing of resources in Tag Editor. This serves the purpose but is not very user-friendly, because I have to enter the region and resource type every time I want to use it. I am still looking for an easy-to-use UI.

UI of "Find resource" under "Tag Editor"


No.
There is no way to get all resources within your account in one go. Each region is independent, and for some services like IAM the concept of a region does not exist at all. There are, however, API calls available to list resources and services.
For example:

  • To get a list of all available regions for your account:

    // client is an EC2 client from the AWS SDK for Go
    output, err := client.DescribeRegions(&ec2.DescribeRegionsInput{})

  • To get a list of IAM users, roles or groups you can use:

    // client is an IAM client from the AWS SDK for Go
    client.GetAccountAuthorizationDetails(&iam.GetAccountAuthorizationDetailsInput{})

    You can find more detail about the API calls and their use at: https://docs.aws.amazon.com/sdk-for-go/api/service/iam/

    The above link is only for IAM. Similarly, you can find the API for all other resources and services.


Try this

For only ec2:

    from skew import scan

    arn = scan('arn:aws:ec2:us-west-2:123456789012:instance/i-12345678')
    for resource in arn:
        print(resource.data)

For all resources:

    from skew import scan

    arn = scan('arn:aws:*:*:<<youraccountId>>:instance*')
    for resource in arn:
        print(resource.data)

Reference : https://github.com/scopely-devops/skew


It's way late but you should look at this. Not CLI I know but still worth just knocking out a little shell script to do what you need:

https://pypi.org/project/aws-list-all/

It's a python library that in its own words:

"Project description List all resources in an AWS account, all regions, all services(*). Writes JSON files for further processing.

(*) No guarantees for completeness. Use billing alerts if you are worried about costs."


You can use a query in the AWS Config Console here. (Region may change for you) https://console.aws.amazon.com/config/home?region=us-east-1#/resources/query

The query will look like this:

    SELECT
      resourceId,
      resourceName,
      resourceType,
      relationships
    WHERE
      relationships.resourceId = 'vpc-#######'
    

Another option is to use this script, which executes "aws configservice list-discovered-resources --resource-type" for every resource type:

    for i in \
        AWS::EC2::CustomerGateway AWS::EC2::EIP AWS::EC2::Host AWS::EC2::Instance \
        AWS::EC2::InternetGateway AWS::EC2::NetworkAcl AWS::EC2::NetworkInterface \
        AWS::EC2::RouteTable AWS::EC2::SecurityGroup AWS::EC2::Subnet \
        AWS::CloudTrail::Trail AWS::EC2::Volume AWS::EC2::VPC \
        AWS::EC2::VPNConnection AWS::EC2::VPNGateway \
        AWS::IAM::Group AWS::IAM::Policy AWS::IAM::Role AWS::IAM::User \
        AWS::ACM::Certificate AWS::RDS::DBInstance AWS::RDS::DBSubnetGroup \
        AWS::RDS::DBSecurityGroup AWS::RDS::DBSnapshot AWS::RDS::EventSubscription \
        AWS::ElasticLoadBalancingV2::LoadBalancer AWS::S3::Bucket \
        AWS::SSM::ManagedInstanceInventory \
        AWS::Redshift::Cluster AWS::Redshift::ClusterSnapshot \
        AWS::Redshift::ClusterParameterGroup AWS::Redshift::ClusterSecurityGroup \
        AWS::Redshift::ClusterSubnetGroup AWS::Redshift::EventSubscription \
        AWS::CloudWatch::Alarm AWS::CloudFormation::Stack AWS::DynamoDB::Table \
        AWS::AutoScaling::AutoScalingGroup AWS::AutoScaling::LaunchConfiguration \
        AWS::AutoScaling::ScalingPolicy AWS::AutoScaling::ScheduledAction \
        AWS::CodeBuild::Project \
        AWS::WAF::RateBasedRule AWS::WAF::Rule AWS::WAF::WebACL \
        AWS::WAFRegional::RateBasedRule AWS::WAFRegional::Rule AWS::WAFRegional::WebACL \
        AWS::CloudFront::Distribution AWS::CloudFront::StreamingDistribution \
        AWS::WAF::RuleGroup AWS::WAFRegional::RuleGroup AWS::Lambda::Function \
        AWS::ElasticBeanstalk::Application AWS::ElasticBeanstalk::ApplicationVersion \
        AWS::ElasticBeanstalk::Environment AWS::ElasticLoadBalancing::LoadBalancer \
        AWS::XRay::EncryptionConfig AWS::SSM::AssociationCompliance \
        AWS::SSM::PatchCompliance AWS::Shield::Protection \
        AWS::ShieldRegional::Protection AWS::Config::ResourceCompliance \
        AWS::CodePipeline::Pipeline
    do
        aws configservice list-discovered-resources --resource-type "$i"
    done
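Added example (not part of the original answers): the loop above prints one JSON document per resource type, and those documents carry no region. This Python code assumes the loop was run once per region with the CLI's `--region` option and each run's output captured as text; it merges the runs, counts resources per region and type, lists resources outside an expected set of regions, and diffs two snapshots. The sample data and all function names are constructed for illustration.

```python
import json
from collections import Counter

# Constructed sample: output of the loop for one region, i.e. one JSON
# document per --resource-type printed back to back. All IDs are made up.
SAMPLE_US_EAST_1 = '''
{"resourceIdentifiers": [
  {"resourceType": "AWS::EC2::Instance", "resourceId": "i-0aaa111"},
  {"resourceType": "AWS::EC2::Instance", "resourceId": "i-0bbb222"}]}
{"resourceIdentifiers": []}
{"resourceIdentifiers": [
  {"resourceType": "AWS::S3::Bucket", "resourceId": "example-logs"}]}
'''
SAMPLE_AP_SOUTH_1 = '''
{"resourceIdentifiers": [
  {"resourceType": "AWS::EC2::Instance", "resourceId": "i-0ccc333"}]}
'''

def parse_stream(text):
    """Yield each resource identifier from concatenated JSON documents."""
    decoder, pos = json.JSONDecoder(), 0
    while True:
        while pos < len(text) and text[pos].isspace():
            pos += 1                      # raw_decode rejects leading whitespace
        if pos == len(text):
            return
        doc, pos = decoder.raw_decode(text, pos)
        yield from doc.get("resourceIdentifiers", [])

def inventory(output_by_region):
    """Build {(region, resourceType, resourceId)} from region -> loop output."""
    return {(region, r["resourceType"], r["resourceId"])
            for region, text in output_by_region.items()
            for r in parse_stream(text)}

def count_by_type(inv):
    """Number of resources per (region, resourceType)."""
    return Counter((region, rtype) for region, rtype, _ in inv)

def outside_regions(inv, expected_regions):
    """Resources recorded in regions the account is not expected to use."""
    return sorted(item for item in inv if item[0] not in expected_regions)

def drift(previous, current):
    """(added, removed) between two inventory snapshots."""
    return sorted(current - previous), sorted(previous - current)

if __name__ == "__main__":
    inv = inventory({"us-east-1": SAMPLE_US_EAST_1, "ap-south-1": SAMPLE_AP_SOUTH_1})
    print(count_by_type(inv), outside_regions(inv, {"us-east-1"}))
```

Saving each day's inventory and passing yesterday's and today's sets to `drift` shows resources that appeared or disappeared between runs.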
    

Reference URL: https://stackoverflow.com/questions/44391817/is-there-a-way-to-list-all-resources-in-aws