aws-inventory-manager 0.17.12__py3-none-any.whl

src/snapshot/resource_collectors/backup.py

@@ -0,0 +1,136 @@
+"""AWS Backup resource collector."""
+
+from typing import List
+
+from ...models.resource import Resource
+from ...utils.hash import compute_config_hash
+from .base import BaseResourceCollector
+
+
+class BackupCollector(BaseResourceCollector):
+    """Collector for AWS Backup resources."""
+
+    @property
+    def service_name(self) -> str:
+        return "backup"
+
+    def collect(self) -> List[Resource]:
+        """Collect AWS Backup resources.
+
+        Collects:
+        - Backup Plans
+        - Backup Vaults
+
+        Returns:
+            List of AWS Backup resources
+        """
+        resources = []
+
+        # Collect Backup Plans
+        resources.extend(self._collect_backup_plans())
+
+        # Collect Backup Vaults
+        resources.extend(self._collect_backup_vaults())
+
+        self.logger.debug(f"Collected {len(resources)} AWS Backup resources in {self.region}")
+        return resources
+
+    def _collect_backup_plans(self) -> List[Resource]:
+        """Collect Backup Plans.
+
+        Returns:
+            List of Backup Plan resources
+        """
+        resources = []
+        client = self._create_client()
+
+        try:
+            paginator = client.get_paginator("list_backup_plans")
+            for page in paginator.paginate():
+                for plan_summary in page.get("BackupPlansList", []):
+                    plan_id = plan_summary["BackupPlanId"]
+                    plan_name = plan_summary["BackupPlanName"]
+                    plan_arn = plan_summary["BackupPlanArn"]
+
+                    try:
+                        # Get detailed plan info
+                        plan_response = client.get_backup_plan(BackupPlanId=plan_id)
+                        plan = plan_response.get("BackupPlan", {})
+
+                        # Get tags
+                        tags = {}
+                        try:
+                            tag_response = client.list_tags(ResourceArn=plan_arn)
+                            tags = tag_response.get("Tags", {})
+                        except Exception as e:
+                            self.logger.debug(f"Could not get tags for backup plan {plan_name}: {e}")
+
+                        # Extract creation date
+                        created_at = plan_summary.get("CreationDate")
+
+                        # Create resource
+                        resource = Resource(
+                            arn=plan_arn,
+                            resource_type="AWS::Backup::BackupPlan",
+                            name=plan_name,
+                            region=self.region,
+                            tags=tags,
+                            config_hash=compute_config_hash(plan),
+                            created_at=created_at,
+                            raw_config=plan,
+                        )
+                        resources.append(resource)
+
+                    except Exception as e:
+                        self.logger.debug(f"Error processing backup plan {plan_name}: {e}")
+                        continue
+
+        except Exception as e:
+            self.logger.error(f"Error collecting Backup Plans in {self.region}: {e}")
+
+        return resources
+
+    def _collect_backup_vaults(self) -> List[Resource]:
+        """Collect Backup Vaults.
+
+        Returns:
+            List of Backup Vault resources
+        """
+        resources = []
+        client = self._create_client()
+
+        try:
+            paginator = client.get_paginator("list_backup_vaults")
+            for page in paginator.paginate():
+                for vault in page.get("BackupVaultList", []):
+                    vault_name = vault["BackupVaultName"]
+                    vault_arn = vault["BackupVaultArn"]
+
+                    # Get tags
+                    tags = {}
+                    try:
+                        tag_response = client.list_tags(ResourceArn=vault_arn)
+                        tags = tag_response.get("Tags", {})
+                    except Exception as e:
+                        self.logger.debug(f"Could not get tags for backup vault {vault_name}: {e}")
+
+                    # Extract creation date
+                    created_at = vault.get("CreationDate")
+
+                    # Create resource
+                    resource = Resource(
+                        arn=vault_arn,
+                        resource_type="AWS::Backup::BackupVault",
+                        name=vault_name,
+                        region=self.region,
+                        tags=tags,
+                        config_hash=compute_config_hash(vault),
+                        created_at=created_at,
+                        raw_config=vault,
+                    )
+                    resources.append(resource)
+
+        except Exception as e:
+            self.logger.error(f"Error collecting Backup Vaults in {self.region}: {e}")
+
+        return resources

src/snapshot/resource_collectors/base.py

@@ -0,0 +1,81 @@
+"""Base resource collector interface."""
+
+import logging
+from abc import ABC, abstractmethod
+from typing import List, Optional
+
+import boto3
+
+from ...models.resource import Resource
+
+logger = logging.getLogger(__name__)
+
+
+class BaseResourceCollector(ABC):
+    """Abstract base class for AWS resource collectors.
+
+    Each AWS service (EC2, IAM, Lambda, etc.) should implement this interface
+    to provide a consistent way of collecting resources.
+    """
+
+    def __init__(self, session: boto3.Session, region: str):
+        """Initialize the collector.
+
+        Args:
+            session: Boto3 session with AWS credentials
+            region: AWS region to collect from (may be ignored for global services)
+        """
+        self.session = session
+        self.region = region
+        self.logger = logging.getLogger(f"{__name__}.{self.__class__.__name__}")
+
+    @abstractmethod
+    def collect(self) -> List[Resource]:
+        """Collect all resources for this service.
+
+        Returns:
+            List of Resource instances
+
+        Raises:
+            Exception: If collection fails (should be handled by caller)
+        """
+        pass
+
+    @property
+    @abstractmethod
+    def service_name(self) -> str:
+        """Return the AWS service name (e.g., 'ec2', 'iam', 'lambda')."""
+        pass
+
+    @property
+    def is_global_service(self) -> bool:
+        """Return True if this is a global service (like IAM).
+
+        Global services should only be collected once, not per-region.
+        """
+        return False
+
+    def _create_client(self, service_name: Optional[str] = None):  # type: ignore
+        """Create a boto3 client for this service.
+
+        Args:
+            service_name: Service name override (defaults to self.service_name)
+
+        Returns:
+            Boto3 client instance
+        """
+        from ...aws.client import create_boto_client
+
+        svc = service_name or self.service_name
+        profile = self.session.profile_name if hasattr(self.session, "profile_name") else None
+
+        return create_boto_client(service_name=svc, region_name=self.region, profile_name=profile)
+
+    def _get_account_id(self) -> str:
+        """Get the AWS account ID from the session.
+
+        Returns:
+            12-digit AWS account ID
+        """
+        sts = self._create_client("sts")
+        return sts.get_caller_identity()["Account"]

src/snapshot/resource_collectors/cloudformation.py

@@ -0,0 +1,55 @@
+"""CloudFormation resource collector."""
+
+from typing import List
+
+from ...models.resource import Resource
+from ...utils.hash import compute_config_hash
+from .base import BaseResourceCollector
+
+
+class CloudFormationCollector(BaseResourceCollector):
+    """Collector for AWS CloudFormation resources (stacks)."""
+
+    @property
+    def service_name(self) -> str:
+        return "cloudformation"
+
+    def collect(self) -> List[Resource]:
+        """Collect CloudFormation resources.
+
+        Returns:
+            List of CloudFormation stacks
+        """
+        resources = []
+        client = self._create_client()
+
+        try:
+            paginator = client.get_paginator("describe_stacks")
+            for page in paginator.paginate():
+                for stack in page.get("Stacks", []):
+                    stack_name = stack["StackName"]
+                    stack_id = stack["StackId"]
+
+                    # Extract tags
+                    tags = {}
+                    for tag in stack.get("Tags", []):
+                        tags[tag["Key"]] = tag["Value"]
+
+                    # Create resource
+                    resource = Resource(
+                        arn=stack_id,  # Stack ID is actually the ARN
+                        resource_type="AWS::CloudFormation::Stack",
+                        name=stack_name,
+                        region=self.region,
+                        tags=tags,
+                        config_hash=compute_config_hash(stack),
+                        created_at=stack.get("CreationTime"),
+                        raw_config=stack,
+                    )
+                    resources.append(resource)
+
+        except Exception as e:
+            self.logger.error(f"Error collecting CloudFormation stacks in {self.region}: {e}")
+
+        self.logger.debug(f"Collected {len(resources)} CloudFormation stacks in {self.region}")
+        return resources

src/snapshot/resource_collectors/cloudwatch.py

@@ -0,0 +1,109 @@
+"""CloudWatch resource collector."""
+
+from typing import List
+
+from ...models.resource import Resource
+from ...utils.hash import compute_config_hash
+from .base import BaseResourceCollector
+
+
+class CloudWatchCollector(BaseResourceCollector):
+    """Collector for AWS CloudWatch resources (alarms, log groups)."""
+
+    @property
+    def service_name(self) -> str:
+        return "cloudwatch"
+
+    def collect(self) -> List[Resource]:
+        """Collect CloudWatch resources.
+
+        Returns:
+            List of CloudWatch resources
+        """
+        resources = []
+        account_id = self._get_account_id()
+
+        # Collect alarms
+        resources.extend(self._collect_alarms(account_id))
+
+        # Collect log groups
+        resources.extend(self._collect_log_groups(account_id))
+
+        self.logger.debug(f"Collected {len(resources)} CloudWatch resources in {self.region}")
+        return resources
+
+    def _collect_alarms(self, account_id: str) -> List[Resource]:
+        """Collect CloudWatch alarms."""
+        resources = []
+        client = self._create_client()
+
+        try:
+            paginator = client.get_paginator("describe_alarms")
+            for page in paginator.paginate():
+                for alarm in page.get("MetricAlarms", []) + page.get("CompositeAlarms", []):
+                    alarm_name = alarm["AlarmName"]
+                    alarm_arn = alarm["AlarmArn"]
+
+                    # Extract alarm type
+                    alarm_type = "AWS::CloudWatch::Alarm"
+                    if "CompositeAlarms" in str(type(alarm)):
+                        alarm_type = "AWS::CloudWatch::CompositeAlarm"
+
+                    # Create resource (CloudWatch alarms don't support tags directly)
+                    resource = Resource(
+                        arn=alarm_arn,
+                        resource_type=alarm_type,
+                        name=alarm_name,
+                        region=self.region,
+                        tags={},
+                        config_hash=compute_config_hash(alarm),
+                        created_at=alarm.get("AlarmConfigurationUpdatedTimestamp"),
+                        raw_config=alarm,
+                    )
+                    resources.append(resource)
+
+        except Exception as e:
+            self.logger.error(f"Error collecting CloudWatch alarms in {self.region}: {e}")
+
+        return resources
+
+    def _collect_log_groups(self, account_id: str) -> List[Resource]:
+        """Collect CloudWatch log groups."""
+        resources = []
+
+        try:
+            logs_client = self._create_client("logs")
+
+            paginator = logs_client.get_paginator("describe_log_groups")
+            for page in paginator.paginate():
+                for log_group in page.get("logGroups", []):
+                    log_group_name = log_group["logGroupName"]
+
+                    # Build ARN
+                    arn = log_group.get("arn", f"arn:aws:logs:{self.region}:{account_id}:log-group:{log_group_name}")
+
+                    # Get tags
+                    tags = {}
+                    try:
+                        tag_response = logs_client.list_tags_log_group(logGroupName=log_group_name)
+                        tags = tag_response.get("tags", {})
+                    except Exception as e:
+                        self.logger.debug(f"Could not get tags for log group {log_group_name}: {e}")
+
+                    # Create resource
+                    resource = Resource(
+                        arn=arn,
+                        resource_type="AWS::Logs::LogGroup",
+                        name=log_group_name,
+                        region=self.region,
+                        tags=tags,
+                        config_hash=compute_config_hash(log_group),
+                        created_at=None,  # Log groups don't expose creation timestamp easily
+                        raw_config=log_group,
+                    )
+                    resources.append(resource)
+
+        except Exception as e:
+            self.logger.error(f"Error collecting CloudWatch log groups in {self.region}: {e}")
+
+        return resources

src/snapshot/resource_collectors/codebuild.py

@@ -0,0 +1,69 @@
+"""CodeBuild resource collector."""
+
+from typing import List
+
+from ...models.resource import Resource
+from ...utils.hash import compute_config_hash
+from .base import BaseResourceCollector
+
+
+class CodeBuildCollector(BaseResourceCollector):
+    """Collector for AWS CodeBuild resources."""
+
+    @property
+    def service_name(self) -> str:
+        return "codebuild"
+
+    def collect(self) -> List[Resource]:
+        """Collect CodeBuild projects.
+
+        Returns:
+            List of CodeBuild project resources
+        """
+        resources = []
+        client = self._create_client()
+
+        try:
+            paginator = client.get_paginator("list_projects")
+            project_names = []
+            for page in paginator.paginate():
+                project_names.extend(page.get("projects", []))
+
+            # Get detailed info for projects (in batches of 100)
+            for i in range(0, len(project_names), 100):
+                batch = project_names[i : i + 100]
+                try:
+                    response = client.batch_get_projects(names=batch)
+                    for project in response.get("projects", []):
+                        project_name = project["name"]
+                        project_arn = project["arn"]
+
+                        # Extract tags
+                        tags = {}
+                        for tag in project.get("tags", []):
+                            tags[tag["key"]] = tag["value"]
+
+                        # Extract creation date
+                        created_at = project.get("created")
+
+                        # Create resource
+                        resource = Resource(
+                            arn=project_arn,
+                            resource_type="AWS::CodeBuild::Project",
+                            name=project_name,
+                            region=self.region,
+                            tags=tags,
+                            config_hash=compute_config_hash(project),
+                            created_at=created_at,
+                            raw_config=project,
+                        )
+                        resources.append(resource)
+
+                except Exception as e:
+                    self.logger.debug(f"Error processing project batch: {e}")
+
+        except Exception as e:
+            self.logger.error(f"Error collecting CodeBuild projects in {self.region}: {e}")
+
+        self.logger.debug(f"Collected {len(resources)} CodeBuild projects in {self.region}")
+        return resources

src/snapshot/resource_collectors/codepipeline.py

@@ -0,0 +1,82 @@
+"""CodePipeline resource collector."""
+
+from typing import List
+
+from ...models.resource import Resource
+from ...utils.hash import compute_config_hash
+from .base import BaseResourceCollector
+
+
+class CodePipelineCollector(BaseResourceCollector):
+    """Collector for AWS CodePipeline resources."""
+
+    @property
+    def service_name(self) -> str:
+        return "codepipeline"
+
+    def collect(self) -> List[Resource]:
+        """Collect CodePipeline pipelines.
+
+        Returns:
+            List of CodePipeline resources
+        """
+        resources = []
+        client = self._create_client()
+
+        try:
+            paginator = client.get_paginator("list_pipelines")
+            for page in paginator.paginate():
+                for pipeline_summary in page.get("pipelines", []):
+                    pipeline_name = pipeline_summary["name"]
+
+                    try:
+                        # Get detailed pipeline info
+                        pipeline_response = client.get_pipeline(name=pipeline_name)
+                        pipeline = pipeline_response.get("pipeline", {})
+                        metadata = pipeline_response.get("metadata", {})
+
+                        # Get tags
+                        tags = {}
+                        try:
+                            # Build ARN for tags
+                            pipeline_arn = metadata.get("pipelineArn", "")
+                            if pipeline_arn:
+                                tag_response = client.list_tags_for_resource(resourceArn=pipeline_arn)
+                                for tag in tag_response.get("tags", []):
+                                    tags[tag["key"]] = tag["value"]
+                        except Exception as e:
+                            self.logger.debug(f"Could not get tags for pipeline {pipeline_name}: {e}")
+
+                        # Extract creation/update dates
+                        created_at = metadata.get("created")
+
+                        # Build ARN
+                        arn = metadata.get(
+                            "pipelineArn", f"arn:aws:codepipeline:{self.region}:*:pipeline/{pipeline_name}"
+                        )
+
+                        # Create resource (exclude large stage/action definitions for size)
+                        config = {k: v for k, v in pipeline.items() if k not in ["stages"]}
+                        config["stageCount"] = len(pipeline.get("stages", []))
+
+                        resource = Resource(
+                            arn=arn,
+                            resource_type="AWS::CodePipeline::Pipeline",
+                            name=pipeline_name,
+                            region=self.region,
+                            tags=tags,
+                            config_hash=compute_config_hash(config),
+                            created_at=created_at,
+                            raw_config=config,
+                        )
+                        resources.append(resource)
+
+                    except Exception as e:
+                        self.logger.debug(f"Error processing pipeline {pipeline_name}: {e}")
+                        continue
+
+        except Exception as e:
+            self.logger.error(f"Error collecting CodePipeline pipelines in {self.region}: {e}")
+
+        self.logger.debug(f"Collected {len(resources)} CodePipeline pipelines in {self.region}")
+        return resources

src/snapshot/resource_collectors/dynamodb.py

@@ -0,0 +1,65 @@
+"""DynamoDB resource collector."""
+
+from typing import List
+
+from ...models.resource import Resource
+from ...utils.hash import compute_config_hash
+from .base import BaseResourceCollector
+
+
+class DynamoDBCollector(BaseResourceCollector):
+    """Collector for AWS DynamoDB resources (tables)."""
+
+    @property
+    def service_name(self) -> str:
+        return "dynamodb"
+
+    def collect(self) -> List[Resource]:
+        """Collect DynamoDB resources.
+
+        Returns:
+            List of DynamoDB tables
+        """
+        resources = []
+        client = self._create_client()
+
+        try:
+            paginator = client.get_paginator("list_tables")
+            for page in paginator.paginate():
+                for table_name in page.get("TableNames", []):
+                    try:
+                        # Get table details
+                        table_response = client.describe_table(TableName=table_name)
+                        table = table_response.get("Table", {})
+
+                        table_arn = table.get("TableArn")
+
+                        # Get tags
+                        tags = {}
+                        try:
+                            tag_response = client.list_tags_of_resource(ResourceArn=table_arn)
+                            tags = {tag["Key"]: tag["Value"] for tag in tag_response.get("Tags", [])}
+                        except Exception as e:
+                            self.logger.debug(f"Could not get tags for DynamoDB table {table_name}: {e}")
+
+                        # Create resource
+                        resource = Resource(
+                            arn=table_arn,
+                            resource_type="AWS::DynamoDB::Table",
+                            name=table_name,
+                            region=self.region,
+                            tags=tags,
+                            config_hash=compute_config_hash(table),
+                            created_at=table.get("CreationDateTime"),
+                            raw_config=table,
+                        )
+                        resources.append(resource)
+
+                    except Exception as e:
+                        self.logger.debug(f"Could not get details for DynamoDB table {table_name}: {e}")
+
+        except Exception as e:
+            self.logger.error(f"Error collecting DynamoDB tables in {self.region}: {e}")
+
+        self.logger.debug(f"Collected {len(resources)} DynamoDB tables in {self.region}")
+        return resources