@deekayen
Last active November 18, 2020 18:36
Loop through AWS accounts to get a list of services they're using. Expects aliases to be already configured and logged-in on saml2aws.

Set up each account alias (e.g. 0440) in ~/.saml2aws:

[0440]
app_id               =
url                  = https://yourcompany.okta.com/home/amazon_aws/0oampop23kld3JI9b0x7/272
username             = david.norman@example.com
provider             = Okta
mfa                  = PUSH
skip_verify          = false
timeout              = 0
aws_urn              = urn:amazon:webservices
aws_session_duration = 3600
aws_profile          = 0440
resource_id          =
subdomain            =
role_arn             = arn:aws:iam::123412341234:role/orchestration-administrator
region               = us-east-1
http_attempts_count  =
http_retry_delay     =

Save the latest raw version of this script to your tmp folder.

wget https://gist.githubusercontent.com/deekayen/7cfbc3c71b57536aba8bc15ccf1ff321/raw/42e3a882e1c73f42b799ae8e0c4038d51a63f7a5/loop_accounts.sh
chmod 755 loop_accounts.sh

Then log in to each account to cache some valid access keys.

saml2aws login -a 0440
saml2aws login -a 0464
saml2aws login -a 1419
saml2aws login -a 5889

Run it and go have lunch.

./loop_accounts.sh

Combine the outputs into a single file of unique services.

cat *.txt | sort | uniq > all.txt

loop_accounts.sh:

#!/bin/zsh
# Account aliases as configured in ~/.saml2aws; log in to each one before running.
AWS_ACCOUNTS=('0440' '0464' '1419' '5889' '5946' '0394' '1996' '2349' '3522' '2773' '6332' '4688' '4414' '3550' '1351')
MEDAL_ACCOUNTS=('2985' '4396' '5085' '7340' '7942' '7997')

for acct_num in "${AWS_ACCOUNTS[@]}"
do
  echo "Starting $acct_num..."
  # grep keeps the "+++" lines; field 2 is taken as the service name.
  saml2aws exec -a "$acct_num" 'aws-list-all query --region us-east-1 | grep "+++" | cut -d" " -f2 | sort | uniq' > "$acct_num.txt"
  echo "Cleaning json files..."
  # Deletes every .json file in the current directory, so run this from a scratch folder.
  rm -f *.json
done

# Different region!
for acct_num in "${MEDAL_ACCOUNTS[@]}"
do
  echo "Starting $acct_num..."
  saml2aws exec -a "$acct_num" 'aws-list-all query --region us-west-2 | grep "+++" | cut -d" " -f2 | sort | uniq' > "$acct_num.txt"
  echo "Cleaning json files..."
  rm -f *.json
done
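
The combine step above merges everything into one list and loses which account uses which service. The following is an added example, not part of the original gist, that goes one step further and cross-references the per-account files; the function names (`service_matrix`, `single_account_services`, `make_sample`) are hypothetical, the sample data is constructed, and it assumes each `<alias>.txt` holds one service name per line as the script writes them.

```shell
#!/usr/bin/env bash
# Added example: cross-reference the <alias>.txt files written by loop_accounts.sh.
# Assumption: one service name per line in each file.

# service_matrix DIR -> "service<TAB>count<TAB>alias,alias,..." sorted by service
service_matrix() {
  local dir="${1:-.}" f acct
  for f in "$dir"/*.txt; do
    [ -e "$f" ] || continue
    acct="$(basename "$f" .txt)"
    # Skip the merged file produced by the "all.txt" step.
    if [ "$acct" = "all" ]; then continue; fi
    # Emit "service<TAB>alias" pairs, ignoring blank lines.
    awk -v a="$acct" 'NF { print $1 "\t" a }' "$f"
  done | LC_ALL=C sort -u | awk -F'\t' '
    $1 != svc { if (svc != "") print svc "\t" n "\t" list; svc = $1; n = 0; list = "" }
    { n++; list = (list == "" ? $2 : list "," $2) }
    END { if (svc != "") print svc "\t" n "\t" list }'
}

# single_account_services DIR -> services that appear in exactly one account,
# which are the outliers worth a closer look during an inventory review.
single_account_services() {
  service_matrix "$1" | awk -F'\t' '$2 == 1 { print $1 "\t" $3 }'
}

# Constructed sample data (not real account output).
make_sample() {
  local d
  d="$(mktemp -d)"
  printf 'ec2\niam\ns3\n' > "$d/0440.txt"
  printf 'ec2\niam\nlambda\n' > "$d/0464.txt"
  printf 'ec2\niam\nlambda\ns3\n' > "$d/all.txt"
  echo "$d"
}

sample="$(make_sample)"
echo "Service usage by account:"
service_matrix "$sample"
echo "Services used by a single account:"
single_account_services "$sample"
rm -rf "$sample"
```

Point `service_matrix` at the folder holding the real output files to get the same table for your own accounts.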