PyPI - aws-inventory-manager - Versions diffs - 0.13.2__py3-none-any.whl - Mend

aws-inventory-manager 0.13.2__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of aws-inventory-manager might be problematic. Click here for more details.

Files changed (145) hide show

aws_inventory_manager-0.13.2.dist-info/LICENSE +21 -0
aws_inventory_manager-0.13.2.dist-info/METADATA +1226 -0
aws_inventory_manager-0.13.2.dist-info/RECORD +145 -0
aws_inventory_manager-0.13.2.dist-info/WHEEL +5 -0
aws_inventory_manager-0.13.2.dist-info/entry_points.txt +2 -0
aws_inventory_manager-0.13.2.dist-info/top_level.txt +1 -0
src/__init__.py +3 -0
src/aws/__init__.py +11 -0
src/aws/client.py +128 -0
src/aws/credentials.py +191 -0
src/aws/rate_limiter.py +177 -0
src/cli/__init__.py +12 -0
src/cli/config.py +130 -0
src/cli/main.py +3626 -0
src/config_service/__init__.py +21 -0
src/config_service/collector.py +346 -0
src/config_service/detector.py +256 -0
src/config_service/resource_type_mapping.py +328 -0
src/cost/__init__.py +5 -0
src/cost/analyzer.py +226 -0
src/cost/explorer.py +209 -0
src/cost/reporter.py +237 -0
src/delta/__init__.py +5 -0
src/delta/calculator.py +206 -0
src/delta/differ.py +185 -0
src/delta/formatters.py +272 -0
src/delta/models.py +154 -0
src/delta/reporter.py +234 -0
src/models/__init__.py +21 -0
src/models/config_diff.py +135 -0
src/models/cost_report.py +87 -0
src/models/deletion_operation.py +104 -0
src/models/deletion_record.py +97 -0
src/models/delta_report.py +122 -0
src/models/efs_resource.py +80 -0
src/models/elasticache_resource.py +90 -0
src/models/group.py +318 -0
src/models/inventory.py +133 -0
src/models/protection_rule.py +123 -0
src/models/report.py +288 -0
src/models/resource.py +111 -0
src/models/security_finding.py +102 -0
src/models/snapshot.py +122 -0
src/restore/__init__.py +20 -0
src/restore/audit.py +175 -0
src/restore/cleaner.py +461 -0
src/restore/config.py +209 -0
src/restore/deleter.py +976 -0
src/restore/dependency.py +254 -0
src/restore/safety.py +115 -0
src/security/__init__.py +0 -0
src/security/checks/__init__.py +0 -0
src/security/checks/base.py +56 -0
src/security/checks/ec2_checks.py +88 -0
src/security/checks/elasticache_checks.py +149 -0
src/security/checks/iam_checks.py +102 -0
src/security/checks/rds_checks.py +140 -0
src/security/checks/s3_checks.py +95 -0
src/security/checks/secrets_checks.py +96 -0
src/security/checks/sg_checks.py +142 -0
src/security/cis_mapper.py +97 -0
src/security/models.py +53 -0
src/security/reporter.py +174 -0
src/security/scanner.py +87 -0
src/snapshot/__init__.py +6 -0
src/snapshot/capturer.py +451 -0
src/snapshot/filter.py +259 -0
src/snapshot/inventory_storage.py +236 -0
src/snapshot/report_formatter.py +250 -0
src/snapshot/reporter.py +189 -0
src/snapshot/resource_collectors/__init__.py +5 -0
src/snapshot/resource_collectors/apigateway.py +140 -0
src/snapshot/resource_collectors/backup.py +136 -0
src/snapshot/resource_collectors/base.py +81 -0
src/snapshot/resource_collectors/cloudformation.py +55 -0
src/snapshot/resource_collectors/cloudwatch.py +109 -0
src/snapshot/resource_collectors/codebuild.py +69 -0
src/snapshot/resource_collectors/codepipeline.py +82 -0
src/snapshot/resource_collectors/dynamodb.py +65 -0
src/snapshot/resource_collectors/ec2.py +240 -0
src/snapshot/resource_collectors/ecs.py +215 -0
src/snapshot/resource_collectors/efs_collector.py +102 -0
src/snapshot/resource_collectors/eks.py +200 -0
src/snapshot/resource_collectors/elasticache_collector.py +79 -0
src/snapshot/resource_collectors/elb.py +126 -0
src/snapshot/resource_collectors/eventbridge.py +156 -0
src/snapshot/resource_collectors/iam.py +188 -0
src/snapshot/resource_collectors/kms.py +111 -0
src/snapshot/resource_collectors/lambda_func.py +139 -0
src/snapshot/resource_collectors/rds.py +109 -0
src/snapshot/resource_collectors/route53.py +86 -0
src/snapshot/resource_collectors/s3.py +105 -0
src/snapshot/resource_collectors/secretsmanager.py +70 -0
src/snapshot/resource_collectors/sns.py +68 -0
src/snapshot/resource_collectors/sqs.py +82 -0
src/snapshot/resource_collectors/ssm.py +160 -0
src/snapshot/resource_collectors/stepfunctions.py +74 -0
src/snapshot/resource_collectors/vpcendpoints.py +79 -0
src/snapshot/resource_collectors/waf.py +159 -0
src/snapshot/storage.py +351 -0
src/storage/__init__.py +21 -0
src/storage/audit_store.py +419 -0
src/storage/database.py +294 -0
src/storage/group_store.py +749 -0
src/storage/inventory_store.py +320 -0
src/storage/resource_store.py +413 -0
src/storage/schema.py +288 -0
src/storage/snapshot_store.py +346 -0
src/utils/__init__.py +12 -0
src/utils/export.py +305 -0
src/utils/hash.py +60 -0
src/utils/logging.py +63 -0
src/utils/pagination.py +41 -0
src/utils/paths.py +51 -0
src/utils/progress.py +41 -0
src/utils/unsupported_resources.py +306 -0
src/web/__init__.py +5 -0
src/web/app.py +97 -0
src/web/dependencies.py +69 -0
src/web/routes/__init__.py +1 -0
src/web/routes/api/__init__.py +18 -0
src/web/routes/api/charts.py +156 -0
src/web/routes/api/cleanup.py +186 -0
src/web/routes/api/filters.py +253 -0
src/web/routes/api/groups.py +305 -0
src/web/routes/api/inventories.py +80 -0
src/web/routes/api/queries.py +202 -0
src/web/routes/api/resources.py +379 -0
src/web/routes/api/snapshots.py +314 -0
src/web/routes/api/views.py +260 -0
src/web/routes/pages.py +198 -0
src/web/services/__init__.py +1 -0
src/web/templates/base.html +949 -0
src/web/templates/components/navbar.html +31 -0
src/web/templates/components/sidebar.html +104 -0
src/web/templates/pages/audit_logs.html +86 -0
src/web/templates/pages/cleanup.html +279 -0
src/web/templates/pages/dashboard.html +227 -0
src/web/templates/pages/diff.html +175 -0
src/web/templates/pages/error.html +30 -0
src/web/templates/pages/groups.html +721 -0
src/web/templates/pages/queries.html +246 -0
src/web/templates/pages/resources.html +2251 -0
src/web/templates/pages/snapshot_detail.html +271 -0
src/web/templates/pages/snapshots.html +429 -0

src/cost/explorer.py ADDED Viewed

@@ -0,0 +1,209 @@
+"""Cost Explorer integration for retrieving cost data."""
+import logging
+from datetime import datetime, timedelta
+from typing import Dict, List, Optional, Tuple
+import boto3
+from botocore.exceptions import ClientError
+logger = logging.getLogger(__name__)
+class CostExplorerClient:
+    """Wrapper for AWS Cost Explorer API."""
+    def __init__(self, profile_name: Optional[str] = None):
+        """Initialize Cost Explorer client.
+        Args:
+            profile_name: AWS profile name (optional)
+        """
+        if profile_name:
+            session = boto3.Session(profile_name=profile_name)
+            self.client = session.client("ce", region_name="us-east-1")  # Cost Explorer is global
+        else:
+            self.client = boto3.client("ce", region_name="us-east-1")
+    def get_cost_and_usage(
+        self,
+        start_date: datetime,
+        end_date: datetime,
+        granularity: str = "MONTHLY",
+        metrics: Optional[List[str]] = None,
+        group_by: Optional[List[Dict[str, str]]] = None,
+        filter_expression: Optional[Dict] = None,
+    ) -> Dict:
+        """Get cost and usage data from Cost Explorer.
+        Args:
+            start_date: Start date for cost data (inclusive)
+            end_date: End date for cost data (exclusive)
+            granularity: Time granularity - DAILY or MONTHLY
+            metrics: Cost metrics to retrieve (default: UnblendedCost)
+            group_by: Dimensions to group by (e.g., SERVICE, REGION)
+            filter_expression: Filter to apply to cost data
+        Returns:
+            Cost and usage data from Cost Explorer API
+        Raises:
+            CostExplorerError: If Cost Explorer is not enabled or API call fails
+        """
+        if metrics is None:
+            metrics = ["UnblendedCost"]
+        try:
+            params = {
+                "TimePeriod": {
+                    "Start": start_date.strftime("%Y-%m-%d"),
+                    "End": end_date.strftime("%Y-%m-%d"),
+                },
+                "Granularity": granularity,
+                "Metrics": metrics,
+            }
+            if group_by:
+                params["GroupBy"] = group_by  # type: ignore[assignment]
+            if filter_expression:
+                params["Filter"] = filter_expression
+            logger.info(
+                f"Retrieving cost data from {start_date.strftime('%Y-%m-%d')} " f"to {end_date.strftime('%Y-%m-%d')}"
+            )
+            response = self.client.get_cost_and_usage(**params)
+            logger.info(f"Retrieved {len(response.get('ResultsByTime', []))} time periods")
+            return response  # type: ignore[return-value]
+        except ClientError as e:
+            error_code = e.response.get("Error", {}).get("Code", "Unknown")
+            if error_code == "AccessDeniedException":
+                raise CostExplorerError(
+                    "Access denied to Cost Explorer. Ensure your IAM user/role has the "
+                    "'ce:GetCostAndUsage' permission."
+                )
+            elif error_code == "DataUnavailableException":
+                raise CostExplorerError(
+                    "Cost data is not yet available for the specified time period. "
+                    "Cost Explorer data typically has a 24-48 hour delay."
+                )
+            else:
+                raise CostExplorerError(f"Cost Explorer API error: {e}")
+        except Exception as e:
+            logger.error(f"Unexpected error retrieving cost data: {e}")
+            raise CostExplorerError(f"Failed to retrieve cost data: {e}")
+    def get_costs_by_service(
+        self,
+        start_date: datetime,
+        end_date: datetime,
+        granularity: str = "MONTHLY",
+    ) -> Dict[str, float]:
+        """Get total costs grouped by AWS service.
+        Args:
+            start_date: Start date for cost data
+            end_date: End date for cost data
+            granularity: Time granularity
+        Returns:
+            Dictionary mapping service name to total cost
+        """
+        response = self.get_cost_and_usage(
+            start_date=start_date,
+            end_date=end_date,
+            granularity=granularity,
+            group_by=[{"Type": "DIMENSION", "Key": "SERVICE"}],
+        )
+        service_costs: Dict[str, float] = {}
+        for time_period in response.get("ResultsByTime", []):
+            for group in time_period.get("Groups", []):
+                service_name = group["Keys"][0]
+                cost = float(group["Metrics"]["UnblendedCost"]["Amount"])
+                if service_name in service_costs:
+                    service_costs[service_name] += cost
+                else:
+                    service_costs[service_name] = cost
+        return service_costs
+    def get_total_cost(
+        self,
+        start_date: datetime,
+        end_date: datetime,
+    ) -> float:
+        """Get total cost for the specified period.
+        Args:
+            start_date: Start date for cost data
+            end_date: End date for cost data
+        Returns:
+            Total cost amount
+        """
+        response = self.get_cost_and_usage(
+            start_date=start_date,
+            end_date=end_date,
+            granularity="MONTHLY",
+        )
+        total_cost = 0.0
+        for time_period in response.get("ResultsByTime", []):
+            cost = float(time_period["Total"]["UnblendedCost"]["Amount"])
+            total_cost += cost
+        return total_cost
+    def check_data_completeness(
+        self,
+        end_date: datetime,
+    ) -> Tuple[bool, Optional[datetime], int]:
+        """Check if cost data is complete up to the specified date.
+        Cost Explorer typically has a 24-48 hour delay in data availability.
+        Args:
+            end_date: The date to check data completeness for
+        Returns:
+            Tuple of (is_complete, data_available_through, lag_days)
+        """
+        # Cost Explorer data typically lags 1-2 days
+        today = datetime.now().date()
+        end_date_only = end_date.date()
+        # Calculate lag
+        lag_days = (today - end_date_only).days
+        # Data is considered incomplete if less than 2 days old
+        is_complete = lag_days >= 2
+        # Estimate data available through date
+        if lag_days < 2:
+            data_available_through = datetime.combine(today - timedelta(days=2), datetime.min.time())
+        else:
+            data_available_through = end_date
+        logger.info(
+            f"Cost data completeness: {'Complete' if is_complete else 'Incomplete'}, "
+            f"available through {data_available_through.strftime('%Y-%m-%d')}, "
+            f"lag: {lag_days} days"
+        )
+        return is_complete, data_available_through, lag_days
+class CostExplorerError(Exception):
+    """Exception raised for Cost Explorer errors."""
+    pass

src/cost/reporter.py ADDED Viewed

@@ -0,0 +1,237 @@
+"""Cost report formatting and display."""
+from typing import Optional
+from rich.console import Console
+from rich.panel import Panel
+from rich.table import Table
+from ..models.cost_report import CostReport
+class CostReporter:
+    """Format and display cost reports."""
+    def __init__(self, console: Optional[Console] = None):
+        """Initialize cost reporter.
+        Args:
+            console: Rich console instance (creates new one if not provided)
+        """
+        self.console = console or Console()
+    def display(self, report: CostReport, show_services: bool = True, has_deltas: bool = False) -> None:
+        """Display cost report to console.
+        Args:
+            report: CostReport to display
+            show_services: Whether to show service-level breakdown
+            has_deltas: Whether there are resource changes (deltas)
+        """
+        # Header
+        self.console.print()
+        self.console.print(
+            Panel(
+                f"[bold]Cost Analysis Report[/bold]\n"
+                f"Snapshot: {report.baseline_snapshot_name}\n"
+                f"Period: {report.period_start.strftime('%Y-%m-%d')} to {report.period_end.strftime('%Y-%m-%d')}\n"
+                f"Generated: {report.generated_at.strftime('%Y-%m-%d %H:%M:%S UTC')}",
+                style="cyan",
+            )
+        )
+        self.console.print()
+        # Data completeness warning
+        if not report.data_complete and report.data_through:
+            self.console.print(
+                f"⚠️  [yellow]Note: Cost data has {report.lag_days} day lag. "
+                f"Data available through {report.data_through.strftime('%Y-%m-%d')}[/yellow]\n"
+            )
+        # If no deltas, show simplified view
+        if not has_deltas:
+            self.console.print(
+                "✓ [green]No resource changes detected - all costs are from snapshot resources[/green]\n"
+            )
+            self._display_snapshot_costs(report)
+        else:
+            # Summary table with baseline/non-baseline split
+            self._display_summary(report)
+        # Service breakdown
+        if show_services and report.baseline_costs.by_service:
+            self.console.print()
+            self._display_service_breakdown(report, has_deltas)
+    def _display_snapshot_costs(self, report: CostReport) -> None:
+        """Display snapshot costs (no splitting since there are no changes)."""
+        table = Table(title="Snapshot Costs", show_header=True, header_style="bold cyan")
+        table.add_column("Total Cost", justify="right", style="bold green", width=20)
+        table.add_row(f"${report.baseline_costs.total:,.2f}")
+        self.console.print(table)
+    def _display_summary(self, report: CostReport) -> None:
+        """Display cost summary."""
+        table = Table(title="Cost Summary", show_header=True, header_style="bold magenta")
+        table.add_column("Category", style="cyan", width=25)
+        table.add_column("Amount (USD)", justify="right", style="green", width=15)
+        table.add_column("Percentage", justify="right", width=12)
+        table.add_column("Visual", width=30)
+        # Baseline costs
+        baseline_bar = self._create_progress_bar(report.baseline_percentage, color="blue")
+        table.add_row(
+            '💰 Baseline ("Dial Tone")',
+            f"${report.baseline_costs.total:,.2f}",
+            f"{report.baseline_percentage:.1f}%",
+            baseline_bar,
+        )
+        # Non-baseline costs
+        non_baseline_bar = self._create_progress_bar(report.non_baseline_percentage, color="yellow")
+        table.add_row(
+            "📊 Non-Baseline (Projects)",
+            f"${report.non_baseline_costs.total:,.2f}",
+            f"{report.non_baseline_percentage:.1f}%",
+            non_baseline_bar,
+        )
+        # Separator
+        table.add_row("━" * 25, "━" * 15, "━" * 12, "━" * 30, style="dim")
+        # Total
+        table.add_row("[bold]Total", f"[bold]${report.total_cost:,.2f}", "[bold]100.0%", "")
+        self.console.print(table)
+    def _display_service_breakdown(self, report: CostReport, has_deltas: bool = False) -> None:
+        """Display service-level cost breakdown."""
+        # Get top services
+        top_baseline = report.get_top_services(limit=10, baseline=True)
+        if top_baseline:
+            title = "Costs by Service" if not has_deltas else "Top Baseline Services"
+            self.console.print(f"[bold cyan]{title}:[/bold cyan]")
+            baseline_table = Table(show_header=True, box=None, padding=(0, 2))
+            baseline_table.add_column("Service", style="white")
+            baseline_table.add_column("Cost", justify="right", style="green")
+            baseline_table.add_column("% of Total", justify="right", style="dim")
+            for service, cost in top_baseline.items():
+                pct = (cost / report.baseline_costs.total * 100) if report.baseline_costs.total > 0 else 0
+                baseline_table.add_row(self._shorten_service_name(service), f"${cost:,.2f}", f"{pct:.1f}%")
+            self.console.print(baseline_table)
+            self.console.print()
+        # Only show non-baseline section if there are actual deltas
+        if has_deltas:
+            top_non_baseline = report.get_top_services(limit=5, baseline=False)
+            if top_non_baseline:
+                self.console.print("[bold yellow]Top Non-Baseline Services:[/bold yellow]")
+                non_baseline_table = Table(show_header=True, box=None, padding=(0, 2))
+                non_baseline_table.add_column("Service", style="white")
+                non_baseline_table.add_column("Cost", justify="right", style="green")
+                non_baseline_table.add_column("% of Non-Baseline", justify="right", style="dim")
+                for service, cost in top_non_baseline.items():
+                    pct = (cost / report.non_baseline_costs.total * 100) if report.non_baseline_costs.total > 0 else 0
+                    non_baseline_table.add_row(self._shorten_service_name(service), f"${cost:,.2f}", f"{pct:.1f}%")
+                self.console.print(non_baseline_table)
+    def _create_progress_bar(self, percentage: float, color: str = "green") -> str:
+        """Create a text-based progress bar.
+        Args:
+            percentage: Percentage value (0-100)
+            color: Color for the bar
+        Returns:
+            Formatted progress bar string
+        """
+        width = 20
+        filled = int((percentage / 100) * width)
+        bar = "█" * filled + "░" * (width - filled)
+        return f"[{color}]{bar}[/{color}]"
+    def _shorten_service_name(self, service_name: str) -> str:
+        """Shorten AWS service names for display.
+        Args:
+            service_name: Full AWS service name
+        Returns:
+            Shortened service name
+        """
+        # Common abbreviations
+        replacements = {
+            "Amazon Elastic Compute Cloud - Compute": "EC2",
+            "Amazon Simple Storage Service": "S3",
+            "AWS Lambda": "Lambda",
+            "Amazon Relational Database Service": "RDS",
+            "AWS Identity and Access Management": "IAM",
+            "Amazon Virtual Private Cloud": "VPC",
+            "Amazon CloudWatch": "CloudWatch",
+            "Amazon Simple Notification Service": "SNS",
+            "Amazon Simple Queue Service": "SQS",
+            "Amazon DynamoDB": "DynamoDB",
+        }
+        return replacements.get(service_name, service_name)
+    def export_json(self, report: CostReport, filepath: str) -> None:
+        """Export cost report to JSON file.
+        Args:
+            report: CostReport to export
+            filepath: Destination file path
+        """
+        from ..utils.export import export_to_json
+        export_to_json(report.to_dict(), filepath)
+        self.console.print(f"[green]✓ Cost report exported to {filepath}[/green]")
+    def export_csv(self, report: CostReport, filepath: str) -> None:
+        """Export cost report to CSV file.
+        Args:
+            report: CostReport to export
+            filepath: Destination file path
+        """
+        from ..utils.export import export_to_csv
+        # Flatten into rows - one row per service
+        rows = []
+        # Baseline services
+        for service, cost in report.baseline_costs.by_service.items():
+            pct = (cost / report.baseline_costs.total * 100) if report.baseline_costs.total > 0 else 0
+            rows.append(
+                {
+                    "category": "baseline",
+                    "service": service,
+                    "cost": cost,
+                    "percentage_of_category": pct,
+                    "percentage_of_total": (cost / report.total_cost * 100) if report.total_cost > 0 else 0,
+                }
+            )
+        # Non-baseline services
+        for service, cost in report.non_baseline_costs.by_service.items():
+            pct = (cost / report.non_baseline_costs.total * 100) if report.non_baseline_costs.total > 0 else 0
+            rows.append(
+                {
+                    "category": "non_baseline",
+                    "service": service,
+                    "cost": cost,
+                    "percentage_of_category": pct,
+                    "percentage_of_total": (cost / report.total_cost * 100) if report.total_cost > 0 else 0,
+                }
+            )
+        if rows:
+            export_to_csv(rows, filepath)
+            self.console.print(f"[green]✓ Cost report exported to {filepath}[/green]")
+        else:
+            self.console.print("[yellow]⚠ No cost data to export[/yellow]")

src/delta/__init__.py ADDED Viewed

@@ -0,0 +1,5 @@
+"""Delta tracking module for comparing snapshots to current state."""
+from typing import List
+__all__: List[str] = []

src/delta/calculator.py ADDED Viewed

@@ -0,0 +1,206 @@
+"""Delta calculator for comparing snapshots."""
+import logging
+from datetime import datetime, timezone
+from typing import List, Optional
+from ..models.delta_report import DeltaReport, ResourceChange
+from ..models.resource import Resource
+from ..models.snapshot import Snapshot
+logger = logging.getLogger(__name__)
+class DeltaCalculator:
+    """Calculate differences between two snapshots."""
+    def __init__(self, reference_snapshot: Snapshot, current_snapshot: Snapshot):
+        """Initialize delta calculator.
+        Args:
+            reference_snapshot: The reference snapshot to compare against
+            current_snapshot: The current snapshot
+        """
+        self.reference = reference_snapshot
+        self.current = current_snapshot
+        # Index resources by ARN for fast lookup
+        self.reference_index = {r.arn: r for r in reference_snapshot.resources}
+        self.current_index = {r.arn: r for r in current_snapshot.resources}
+    def calculate(
+        self,
+        resource_type_filter: Optional[List[str]] = None,
+        region_filter: Optional[List[str]] = None,
+        include_drift_details: bool = False,
+    ) -> DeltaReport:
+        """Calculate delta between reference and current snapshots.
+        Args:
+            resource_type_filter: Optional list of resource types to include
+            region_filter: Optional list of regions to include
+            include_drift_details: Whether to calculate field-level configuration diffs
+        Returns:
+            DeltaReport with added, deleted, and modified resources
+        """
+        logger.info("Calculating delta between reference and current snapshots")
+        added_resources = []
+        deleted_resources = []
+        modified_resources = []
+        reference_arns = set(self.reference_index.keys())
+        current_arns = set(self.current_index.keys())
+        # Find added resources (in current but not in reference)
+        added_arns = current_arns - reference_arns
+        for arn in added_arns:
+            resource = self.current_index[arn]
+            if self._matches_filters(resource, resource_type_filter, region_filter):
+                added_resources.append(resource)
+        # Find deleted resources (in reference but not in current)
+        deleted_arns = reference_arns - current_arns
+        for arn in deleted_arns:
+            resource = self.reference_index[arn]
+            if self._matches_filters(resource, resource_type_filter, region_filter):
+                deleted_resources.append(resource)
+        # Find modified resources (in both but with different config)
+        common_arns = reference_arns & current_arns
+        for arn in common_arns:
+            reference_resource = self.reference_index[arn]
+            current_resource = self.current_index[arn]
+            if self._matches_filters(current_resource, resource_type_filter, region_filter):
+                # Compare config hashes to detect modifications
+                if reference_resource.config_hash != current_resource.config_hash:
+                    change = ResourceChange(
+                        resource=current_resource,
+                        baseline_resource=reference_resource,
+                        change_type="modified",
+                        old_config_hash=reference_resource.config_hash,
+                        new_config_hash=current_resource.config_hash,
+                    )
+                    modified_resources.append(change)
+        # Calculate drift details if requested
+        drift_report = None
+        if include_drift_details and modified_resources:
+            from .differ import ConfigDiffer
+            from .models import DriftReport as ConfigDriftReport
+            drift_report = ConfigDriftReport()
+            differ = ConfigDiffer()
+            for change in modified_resources:
+                # Only calculate diffs if both resources have raw_config
+                if change.baseline_resource.raw_config and change.resource.raw_config:
+                    diffs = differ.compare(
+                        resource_arn=change.resource.arn,
+                        old_config=change.baseline_resource.raw_config,
+                        new_config=change.resource.raw_config,
+                    )
+                    for diff in diffs:
+                        drift_report.add_diff(diff)
+        # Create delta report
+        report = DeltaReport(
+            generated_at=datetime.now(timezone.utc),
+            baseline_snapshot_name=self.reference.name,
+            current_snapshot_name=self.current.name,
+            added_resources=added_resources,
+            deleted_resources=deleted_resources,
+            modified_resources=modified_resources,
+            baseline_resource_count=len(self.reference.resources),
+            current_resource_count=len(self.current.resources),
+            drift_report=drift_report,
+        )
+        logger.info(
+            f"Delta calculated: {len(added_resources)} added, "
+            f"{len(deleted_resources)} deleted, {len(modified_resources)} modified"
+        )
+        return report
+    def _matches_filters(
+        self,
+        resource: Resource,
+        resource_type_filter: Optional[List[str]],
+        region_filter: Optional[List[str]],
+    ) -> bool:
+        """Check if resource matches the specified filters.
+        Args:
+            resource: Resource to check
+            resource_type_filter: Optional list of resource types to include
+            region_filter: Optional list of regions to include
+        Returns:
+            True if resource matches all filters
+        """
+        # Check resource type filter
+        if resource_type_filter:
+            if resource.resource_type not in resource_type_filter:
+                return False
+        # Check region filter
+        if region_filter:
+            if resource.region not in region_filter:
+                return False
+        return True
+def compare_to_current_state(
+    reference_snapshot: Snapshot,
+    profile_name: Optional[str] = None,
+    regions: Optional[List[str]] = None,
+    resource_type_filter: Optional[List[str]] = None,
+    region_filter: Optional[List[str]] = None,
+    include_drift_details: bool = False,
+) -> DeltaReport:
+    """Compare reference snapshot to current AWS state.
+    This is a convenience function that captures current state and calculates delta.
+    Args:
+        reference_snapshot: The reference snapshot to compare against
+        profile_name: AWS profile name (optional)
+        regions: Regions to scan (defaults to reference snapshot regions)
+        resource_type_filter: Optional list of resource types to include in delta
+        region_filter: Optional list of regions to include in delta
+        include_drift_details: Whether to calculate field-level configuration diffs
+    Returns:
+        DeltaReport with changes
+    """
+    from ..aws.credentials import get_account_id
+    from ..snapshot.capturer import create_snapshot
+    # Use reference snapshot regions if not specified
+    if not regions:
+        regions = reference_snapshot.regions
+    # Get account ID
+    account_id = get_account_id(profile_name)
+    # Capture current state (don't save it, just use for comparison)
+    logger.info("Capturing current AWS state for comparison...")
+    current_snapshot = create_snapshot(
+        name=f"temp-current-{datetime.now(timezone.utc).strftime('%Y%m%d-%H%M%S')}",
+        regions=regions,
+        account_id=account_id,
+        profile_name=profile_name,
+        set_active=False,
+    )
+    # Calculate delta
+    calculator = DeltaCalculator(reference_snapshot, current_snapshot)
+    return calculator.calculate(
+        resource_type_filter=resource_type_filter,
+        region_filter=region_filter,
+        include_drift_details=include_drift_details,
+    )