2 Risposte
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
0
I would say to start simple and create a script that accept region and account id as argument. A nice example is this one: https://anandmandilwar.com/2023/06/14/python-boto3-script-to-list-all-the-aws-resources-in-default-vpc-across-all-the-listed-aws-regions/
0
Adding to the other answer (which is correct - a script is one way to do this):
- While you can use an IAM user per region...
- ...IAM users are global within each account so you don't have to do that and it's far more convenient to use a single IAM user (or role) that has the permission required (read only in this case, it appears).
- There is no cost difference.
Also: Have you considered using AWS Config for this? There's nothing wrong with having a script to gather this information; but in large, multi-account environment Config can automatically collect the information you need and you can query Config directly.
Contenuto pertinente
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 2 anni fa
Where are you planning on running your script, and what is your outcome here, why do you want to do this?