Scott Piper 0xdabbad00

## Getting API count by service and categories
cat botocore/data/*/*/service*.json | jq -cr '.metadata.serviceId as $service | .operations[]| $service + ":" + .name' | sort | sed 's/20.*//' | uniq | sed 's/:.*//' | uniq -c


Category	Service	API Count
Analytics	CloudSearch Domain	3
Analytics	CloudSearch	37
Analytics	Athena	28
Analytics	Data Pipeline	19
Analytics	DataExchange	22
Analytics	EMR	33

## AWSExposedCredentialPolicy_DO_NOT_REMOVE
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Deny",
      "Action": [
        "iam:UpdateAccessKey",
        "ec2:RequestSpotInstances",
        "organizations:InviteAccountToOrganization",
        "lightsail:DownloadDefaultKeyPair",

## grab.sh
#!/bin/bash

# Use the AWS CLI to collect all versions of all AWS managed policies. Example files:
# APIGatewayServiceRolePolicy.v1
# APIGatewayServiceRolePolicy.v2
# APIGatewayServiceRolePolicy.v3

# Usage: ./grab.sh

# Note that the following policies do not exist and create zero byte files:

## gist:ced7ee7278f8dac24ef9a454ed96028f
Announcement: Amazon S3 will no longer support path-style API requests starting September 30th, 2020
Posted By:	Sarasaws
Created in:	Forum: Amazon Simple Storage Service (S3)
Posted on:	Apr 30, 2019 3:43 PM
Amazon S3 currently supports two request URI styles in all regions: path-style (also known as V1) that includes bucket name in the path of the URI (example: //s3.amazonaws.com/<bucketname>/key), and virtual-hosted style (also known as V2) which uses the bucket name as part of the domain name (example: //<bucketname>.s3.amazonaws.com/key). In our effort to continuously improve customer experience, the path-style naming convention is being retired in favor of virtual-hosted style request format. Customers should update their applications to use the virtual-hosted style request format when making S3 API requests before September 30th, 2020 to avoid any service disruptions. Customers using the AWS SDK can upgrade to the most recent version of the SDK to ensure their applications are using the virtual-hosted st

## gist:d05b752c84712781c7ec7c040585bf3a
cat botocore/data/endpoints.json | jq -cr '.partitions[0].services | keys[] as $k | .[$k] | .endpoints|to_entries[]| .key +"\t"+ $k' | sort | cut -f1 | uniq -c | sort -nr | sed 's/^ *\([0-9][0-9]*\) /\1    /' | grep -v fips


126	us-east-1
116	us-west-2
115	eu-west-1
101	ap-southeast-2
100	ap-northeast-1
97	eu-central-1
95	us-east-2

## gist:d2617b21b7b0426ca54c1df92adddfce
This XML file does not appear to have any style information associated with it. The document tree is shown below.
<xs:schema xmlns:tns="http://cloudfront.amazonaws.com/doc/2016-01-13/" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://cloudfront.amazonaws.com/doc/2016-01-13/" elementFormDefault="qualified">
<xs:element name="ActiveTrustedSigners" type="tns:ActiveTrustedSigners"/>
<xs:complexType name="ActiveTrustedSigners">
<xs:sequence>
<xs:element name="Enabled" type="xs:boolean"/>
<xs:element name="Quantity" type="xs:integer"/>
<xs:element name="Items" type="tns:SignerList" minOccurs="0"/>
</xs:sequence>
</xs:complexType>

## gist:a31fde35e000de85f679a019fb27b48b
{
  "version":"2.0",
  "metadata":{
    "apiVersion":"2016-01-13",
    "endpointPrefix":"cloudfront",
    "globalEndpoint":"cloudfront.amazonaws.com",
    "protocol":"rest-xml",
    "serviceAbbreviation":"CloudFront",
    "serviceFullName":"Amazon CloudFront",
    "serviceId":"CloudFront",

## gist:5d1d5fd619a20ba2ee899c56f8d6787f
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "apigateway:*",
                "autoscaling:*",
                "cloudtrail:*",
                "cloudwatch:*",
                "cloudformation:*",

## gist:489c188a154cb1074f724dec375318b2
a4b
account
acm
acm-pca
amplify
apigateway
application-autoscaling
appstream
appsync
artifact

## resources_referenced_by_managed_policies.txt
"*"
"arn:*:iam::*:role/aws-service-role/s3.data-source.lustre.fsx.amazonaws.com/AWSServiceRoleForFSxS3Access_*"
"arn:aws:a4b:*:*:gateway/*"
"arn:aws:acm-pca:*:*:certificate-authority/*"
"arn:aws:acuity:*:*:stream/deeplens*/*"
"arn:aws:apigateway:*::/*"
"arn:aws:apigateway:*::/account",
"arn:aws:apigateway:*::/clientcertificates",
"arn:aws:apigateway:*::/clientcertificates/*",
"arn:aws:apigateway:*::/domainnames"
	cat botocore/data///service.json \| jq -cr '.metadata.serviceId as $service \| .operations[]\| $service + ":" + .name' \| sort \| sed 's/20.//' \| uniq \| sed 's/:.*//' \| uniq -c


	Category Service API Count
	Analytics CloudSearch Domain 3
	Analytics CloudSearch 37
	Analytics Athena 28
	Analytics Data Pipeline 19
	Analytics DataExchange 22
	Analytics EMR 33
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Effect": "Deny",
	"Action": [
	"iam:UpdateAccessKey",
	"ec2:RequestSpotInstances",
	"organizations:InviteAccountToOrganization",
	"lightsail:DownloadDefaultKeyPair",
	#!/bin/bash

	# Use the AWS CLI to collect all versions of all AWS managed policies. Example files:
	# APIGatewayServiceRolePolicy.v1
	# APIGatewayServiceRolePolicy.v2
	# APIGatewayServiceRolePolicy.v3

	# Usage: ./grab.sh

	# Note that the following policies do not exist and create zero byte files:
	Announcement: Amazon S3 will no longer support path-style API requests starting September 30th, 2020
	Posted By: Sarasaws
	Created in: Forum: Amazon Simple Storage Service (S3)
	Posted on: Apr 30, 2019 3:43 PM
	Amazon S3 currently supports two request URI styles in all regions: path-style (also known as V1) that includes bucket name in the path of the URI (example: //s3.amazonaws.com/<bucketname>/key), and virtual-hosted style (also known as V2) which uses the bucket name as part of the domain name (example: //<bucketname>.s3.amazonaws.com/key). In our effort to continuously improve customer experience, the path-style naming convention is being retired in favor of virtual-hosted style request format. Customers should update their applications to use the virtual-hosted style request format when making S3 API requests before September 30th, 2020 to avoid any service disruptions. Customers using the AWS SDK can upgrade to the most recent version of the SDK to ensure their applications are using the virtual-hosted st
	cat botocore/data/endpoints.json \| jq -cr '.partitions[0].services \| keys[] as $k \| .[$k] \| .endpoints\|to_entries[]\| .key +"\t"+ $k' \| sort \| cut -f1 \| uniq -c \| sort -nr \| sed 's/^ \([0-9][0-9]\) /\1 /' \| grep -v fips


	126 us-east-1
	116 us-west-2
	115 eu-west-1
	101 ap-southeast-2
	100 ap-northeast-1
	97 eu-central-1
	95 us-east-2
	This XML file does not appear to have any style information associated with it. The document tree is shown below.
	<xs:schema xmlns:tns="http://cloudfront.amazonaws.com/doc/2016-01-13/" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://cloudfront.amazonaws.com/doc/2016-01-13/" elementFormDefault="qualified">
	<xs:element name="ActiveTrustedSigners" type="tns:ActiveTrustedSigners"/>
	<xs:complexType name="ActiveTrustedSigners">
	<xs:sequence>
	<xs:element name="Enabled" type="xs:boolean"/>
	<xs:element name="Quantity" type="xs:integer"/>
	<xs:element name="Items" type="tns:SignerList" minOccurs="0"/>
	</xs:sequence>
	</xs:complexType>
	{
	"version":"2.0",
	"metadata":{
	"apiVersion":"2016-01-13",
	"endpointPrefix":"cloudfront",
	"globalEndpoint":"cloudfront.amazonaws.com",
	"protocol":"rest-xml",
	"serviceAbbreviation":"CloudFront",
	"serviceFullName":"Amazon CloudFront",
	"serviceId":"CloudFront",
	a4b
	account
	acm
	acm-pca
	amplify
	apigateway
	application-autoscaling
	appstream
	appsync
	artifact
	"*"
	"arn::iam:::role/aws-service-role/s3.data-source.lustre.fsx.amazonaws.com/AWSServiceRoleForFSxS3Access_*"
	"arn:aws:a4b:::gateway/*"
	"arn:aws:acm-pca:::certificate-authority/*"
	"arn:aws:acuity:::stream/deeplens/"
	"arn:aws:apigateway:::/"
	"arn:aws:apigateway:*::/account",
	"arn:aws:apigateway:*::/clientcertificates",
	"arn:aws:apigateway:::/clientcertificates/",
	"arn:aws:apigateway:*::/domainnames"