CloudMapper "stats" - Command to count AWS resources

2018.06.06

RSS feed

In my last post on the CloudMappercollect command, I showed how CloudMapper can now download all of the metadata about an account. In this post I introduce a simple new command called stats to count the resources in the account.

Counting the resources in an AWS account is sort of the "Hello world" of AWS API usage. There are lot's of similar projects and you'll likely want to tweak these for your specific needs. For the new functionality in CloudMapper, I use jq to perform the counting for me with queries such as .Reservations[].Instances|length run against the ec2 describe-instances call, as shown in the code here.

Using CloudMapper's inventory I'm able to quickly iterate across all resources in all regions across all accounts. The stats command can be called with the name of an individual account, a list of names, or the special keyword all to get stats on all accounts configured in the config.json file.

Here is some sample output. The output is tab separated to make it easy to copy into Excel.

$ python cloudmapper.py stats --account all
    prod    demo
S3 buckets              0       0
IAM users               0       0
IAM roles               0       0
Route53 hosted zones    0       0
Route53 records         0       0
Route53 domains         0       0
EC2 instances           3       3
EC2 AMIs                0       0
Network ACLs            0       0
Route tables            0       0
EC2 snapshots           0       0
VPC endpoints           0       0
VPN connections         0       0
DirectConnects          0       0
ELBs                    1       1
ELBv2s                  0       1
RDS instances           1       1
Redshift clusters       0       0
ElasticSearch domains   0       0
Elasticache clusters    0       0
SNS topics              0       0
SQS queues              0       0
CloudFronts             0       0
CloudSearch domains     0       0
ECR repositories        0       0
CloudFormation stacks   0       0
Autoscaling groups      0       0
ElasticBeanstalks       0       0
EFS                     0       0
Firehose streams        0       0
Glacier vaults          0       0
KMS keys                0       0
Lambda functions        0       0
Cloudwatch alarms       0       0
Config rules            0       0
Event rules             0       0
Log groups              0       0

The future commands build on the concepts here, especially the ability to look at multiple accounts at once.

Source code and instructions for using CloudMapper are at https://github.com/duo-labs/cloudmapper/