This python script lists all the main resources of your AWS account. This inventory may be uncomplete, but it should help you to find what I call "main" resources that are, in my mind, resources that should affect billing and/or security. Intended for personal use (even if I added some professional features like logging), and for only one account. For more information on multiple accounts, read the wiki. Pre-requisites: This program needs Python 3.4 or newer. AWS CLI must be installed and configured on the system you want to run aws-inventory. You SHOULD use a special account with minimal rights (= those in inventory*.json files). See wiki for more. Make sure that you have the latest boto3 version. Older versions may lead to signature error with the newest regions or to some malfunction. Further information here : http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html. How to contribute? TESTERS WANTED! If you test this code, please
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
In-depth analysis and insights on various cloud security topics by Rhino Security Labs team
Learn how to secure applications in Kubernetes Engine by granting varying levels of privilege based on requirements.
Automated script for creating a vulnerable Azure cloud lab to train offensive security skills.
A collection of security workshops and hands-on content for AWS security services and techniques
Collection of Kubernetes manifests creating pods with elevated privileges for security testing.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
Open-source project for detecting security risks in cloud infrastructure accounts with support for AWS, Azure, GCP, OCI, and GitHub.
Tool for assessing compliance and running vulnerability scans on Docker images.
Multi-cloud OSINT tool for enumerating public resources in AWS, Azure, and Google Cloud.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.