multi-aws-tool 0.1.1__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- multi_aws_tool-0.1.1/PKG-INFO +407 -0
- multi_aws_tool-0.1.1/README.md +392 -0
- multi_aws_tool-0.1.1/multi_aws_tool/__init__.py +65 -0
- multi_aws_tool-0.1.1/multi_aws_tool/aws/__init__.py +4 -0
- multi_aws_tool-0.1.1/multi_aws_tool/aws/account_manager.py +335 -0
- multi_aws_tool-0.1.1/multi_aws_tool/aws/sso_client.py +444 -0
- multi_aws_tool-0.1.1/multi_aws_tool/cli/__init__.py +4 -0
- multi_aws_tool-0.1.1/multi_aws_tool/cli/commands.py +1799 -0
- multi_aws_tool-0.1.1/multi_aws_tool/config/__init__.py +4 -0
- multi_aws_tool-0.1.1/multi_aws_tool/config/manager.py +250 -0
- multi_aws_tool-0.1.1/multi_aws_tool/config/schema.py +199 -0
- multi_aws_tool-0.1.1/multi_aws_tool/main.py +22 -0
- multi_aws_tool-0.1.1/multi_aws_tool/models/__init__.py +4 -0
- multi_aws_tool-0.1.1/multi_aws_tool/models/account.py +265 -0
- multi_aws_tool-0.1.1/multi_aws_tool/models/config.py +173 -0
- multi_aws_tool-0.1.1/multi_aws_tool/models/result.py +257 -0
- multi_aws_tool-0.1.1/multi_aws_tool/output.py +476 -0
- multi_aws_tool-0.1.1/multi_aws_tool/utils/__init__.py +4 -0
- multi_aws_tool-0.1.1/multi_aws_tool/utils/account_data.py +365 -0
- multi_aws_tool-0.1.1/multi_aws_tool/utils/data_validation.py +365 -0
- multi_aws_tool-0.1.1/multi_aws_tool/utils/logging_config.py +90 -0
- multi_aws_tool-0.1.1/multi_aws_tool/utils/report_parser.py +195 -0
- multi_aws_tool-0.1.1/multi_aws_tool/utils/validators.py +229 -0
- multi_aws_tool-0.1.1/pyproject.toml +27 -0
|
@@ -0,0 +1,407 @@
|
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
|
+
Name: multi-aws-tool
|
|
3
|
+
Version: 0.1.1
|
|
4
|
+
Summary: Multi AWS tool for managing operations across multiple AWS accounts via SSO
|
|
5
|
+
Requires-Python: >=3.8
|
|
6
|
+
Description-Content-Type: text/markdown
|
|
7
|
+
Requires-Dist: click>=8.1
|
|
8
|
+
Requires-Dist: boto3>=1.26.0
|
|
9
|
+
Requires-Dist: configparser>=5.0.0
|
|
10
|
+
Requires-Dist: pyyaml>=6.0
|
|
11
|
+
Requires-Dist: colorama>=0.4.0
|
|
12
|
+
Requires-Dist: tabulate>=0.9.0
|
|
13
|
+
Project-URL: Homepage, https://github.com/amahlaka/multi-aws-tool
|
|
14
|
+
Project-URL: Repository, https://github.com/amahlaka/multi-aws-tool
|
|
15
|
+
|
|
16
|
+
# MultiAWSTool
|
|
17
|
+
|
|
18
|
+
A command-line tool for managing multiple AWS accounts through AWS SSO. Execute AWS CLI commands across multiple accounts safely and efficiently with built-in security controls and parallel execution support.
|
|
19
|
+
|
|
20
|
+
## Features
|
|
21
|
+
|
|
22
|
+
- **Multi-account Operations**: Execute AWS CLI commands across multiple accounts via SSO
|
|
23
|
+
- **Automated Profile Management**: Generate and manage AWS CLI profiles automatically
|
|
24
|
+
- **Parallel & Sequential Execution**: Choose between parallel (fast) or sequential (safe) execution modes
|
|
25
|
+
- **Smart Output Management**: Configurable output formatting with customizable file naming patterns
|
|
26
|
+
- **Security Controls**: Built-in protection against destructive operations with configurable overrides
|
|
27
|
+
- **Shell Completion**: Full shell completion support for bash, zsh, and fish
|
|
28
|
+
- **Library Integration**: Import as a Python library for use in other tools and scripts
|
|
29
|
+
|
|
30
|
+
## Installation
|
|
31
|
+
|
|
32
|
+
### Option 1: Install as Package (Recommended)
|
|
33
|
+
|
|
34
|
+
Install MultiAWSTool as a Python package to get the `multi-aws` command:
|
|
35
|
+
|
|
36
|
+
```bash
|
|
37
|
+
# Clone the repository
|
|
38
|
+
git clone <repository-url>
|
|
39
|
+
cd MultiAWSTool
|
|
40
|
+
|
|
41
|
+
# Install in development mode (creates multi-aws command)
|
|
42
|
+
pip install -e .
|
|
43
|
+
|
|
44
|
+
# Or install from PyPI when published
|
|
45
|
+
pip install multi-aws-tool
|
|
46
|
+
```
|
|
47
|
+
|
|
48
|
+
After installation, you can use the `multi-aws` command directly:
|
|
49
|
+
```bash
|
|
50
|
+
multi-aws --help
|
|
51
|
+
multi-aws configure
|
|
52
|
+
```
|
|
53
|
+
|
|
54
|
+
## Publishing
|
|
55
|
+
|
|
56
|
+
PyPI publishing is handled by GitHub Actions. Publishing a GitHub release, or manually running the `Publish to PyPI` workflow, builds the package and uploads the generated distributions to PyPI using trusted publishing.
|
|
57
|
+
|
|
58
|
+
Before the workflow can publish successfully, configure the `amahlaka/multi-aws-tool` repository as a trusted publisher in PyPI and allow the `pypi` GitHub Actions environment to deploy.
|
|
59
|
+
|
|
60
|
+
### Option 2: Development Setup
|
|
61
|
+
|
|
62
|
+
For development or if you prefer to run directly:
|
|
63
|
+
|
|
64
|
+
```bash
|
|
65
|
+
# Clone and setup
|
|
66
|
+
git clone <repository-url>
|
|
67
|
+
cd MultiAWSTool
|
|
68
|
+
|
|
69
|
+
# Create virtual environment
|
|
70
|
+
python3 -m venv venv
|
|
71
|
+
source venv/bin/activate # On Windows: venv\Scripts\activate
|
|
72
|
+
|
|
73
|
+
# Install dependencies
|
|
74
|
+
pip install -r requirements.txt
|
|
75
|
+
|
|
76
|
+
# Run directly
|
|
77
|
+
python main.py --help
|
|
78
|
+
```
|
|
79
|
+
|
|
80
|
+
### Shell Completion Setup
|
|
81
|
+
|
|
82
|
+
Enable shell completion for better command-line experience:
|
|
83
|
+
|
|
84
|
+
```bash
|
|
85
|
+
# Generate completion script for your shell
|
|
86
|
+
multi-aws completion --shell zsh # or bash, fish
|
|
87
|
+
|
|
88
|
+
# For zsh, add to ~/.zshrc:
|
|
89
|
+
eval "$(_MULTI_AWS_COMPLETE=zsh_source multi-aws)"
|
|
90
|
+
|
|
91
|
+
# For bash, add to ~/.bashrc:
|
|
92
|
+
eval "$(_MULTI_AWS_COMPLETE=bash_source multi-aws)"
|
|
93
|
+
|
|
94
|
+
# Or install directly:
|
|
95
|
+
multi-aws completion --shell zsh > ~/.multi-aws-completion.zsh
|
|
96
|
+
echo "source ~/.multi-aws-completion.zsh" >> ~/.zshrc
|
|
97
|
+
```
|
|
98
|
+
|
|
99
|
+
## Quick Start
|
|
100
|
+
|
|
101
|
+
1. **Install the tool** (see Installation section above)
|
|
102
|
+
|
|
103
|
+
2. **Configure the tool**:
|
|
104
|
+
```bash
|
|
105
|
+
multi-aws configure
|
|
106
|
+
```
|
|
107
|
+
|
|
108
|
+
3. **Initialize SSO and discover accounts**:
|
|
109
|
+
```bash
|
|
110
|
+
multi-aws init --sso-session default
|
|
111
|
+
```
|
|
112
|
+
|
|
113
|
+
4. **Fetch roles for accounts**:
|
|
114
|
+
```bash
|
|
115
|
+
multi-aws roles --accounts 123456789012,987654321098
|
|
116
|
+
```
|
|
117
|
+
|
|
118
|
+
5. **Generate AWS profiles**:
|
|
119
|
+
```bash
|
|
120
|
+
multi-aws profiles --accounts 123456789012 --role PowerUserAccess --append-to-config
|
|
121
|
+
```
|
|
122
|
+
|
|
123
|
+
6. **Run commands across accounts**:
|
|
124
|
+
```bash
|
|
125
|
+
multi-aws run 'sts get-caller-identity' --accounts 123456789012,987654321098
|
|
126
|
+
```
|
|
127
|
+
|
|
128
|
+
### Advanced Usage Examples
|
|
129
|
+
|
|
130
|
+
**Run commands in parallel with output saving**:
|
|
131
|
+
```bash
|
|
132
|
+
multi-aws run 'ec2 describe-instances' --accounts all --parallel --save
|
|
133
|
+
```
|
|
134
|
+
|
|
135
|
+
**Filter accounts by team and run with custom timeout**:
|
|
136
|
+
```bash
|
|
137
|
+
multi-aws run 'iam list-users' --team production --timeout 60
|
|
138
|
+
```
|
|
139
|
+
|
|
140
|
+
**Dry run to see what would be executed**:
|
|
141
|
+
```bash
|
|
142
|
+
multi-aws run 'ec2 terminate-instances --instance-ids i-1234567890abcdef0' --accounts 123456789012 --dry-run
|
|
143
|
+
```
|
|
144
|
+
|
|
145
|
+
## Commands
|
|
146
|
+
|
|
147
|
+
### Core Commands
|
|
148
|
+
- **`configure`**: Interactive setup of tool configuration
|
|
149
|
+
- **`init`**: Initialize SSO authentication and discover AWS accounts
|
|
150
|
+
- **`roles`**: Fetch available IAM roles for specified accounts
|
|
151
|
+
- **`profiles`**: Generate AWS CLI profiles for account/role combinations
|
|
152
|
+
- **`run`**: Execute AWS CLI commands across multiple accounts
|
|
153
|
+
- **`sync`**: Sync profile names from AWS config to account data
|
|
154
|
+
|
|
155
|
+
### Management Commands
|
|
156
|
+
- **`cleanup`**: Remove tool-generated configurations (profiles, tokens, account data)
|
|
157
|
+
- **`clean-duplicates`**: Find and remove duplicate AWS profiles
|
|
158
|
+
- **`sanitize-names`**: Clean account names for profile compatibility
|
|
159
|
+
- **`assign-team`**: Assign product team labels to accounts
|
|
160
|
+
- **`list-team-accounts`**: List accounts by product team
|
|
161
|
+
|
|
162
|
+
### Utility Commands
|
|
163
|
+
- **`completion`**: Generate shell completion scripts
|
|
164
|
+
|
|
165
|
+
### Command Examples
|
|
166
|
+
|
|
167
|
+
```bash
|
|
168
|
+
# Interactive configuration
|
|
169
|
+
multi-aws configure
|
|
170
|
+
|
|
171
|
+
# Discover accounts with specific SSO session
|
|
172
|
+
multi-aws init --sso-session my-sso-session
|
|
173
|
+
|
|
174
|
+
# Get roles for specific accounts
|
|
175
|
+
multi-aws roles --accounts 123456789012,987654321098
|
|
176
|
+
|
|
177
|
+
# Generate profiles and add to AWS config
|
|
178
|
+
multi-aws profiles --accounts 123456789012 --role PowerUserAccess --append-to-config
|
|
179
|
+
|
|
180
|
+
# Execute commands across all active accounts
|
|
181
|
+
multi-aws run 'sts get-caller-identity' --accounts all
|
|
182
|
+
|
|
183
|
+
# Execute in parallel with custom output directory
|
|
184
|
+
multi-aws run 'ec2 describe-regions' --accounts file:accounts.txt --parallel --output-dir ./results
|
|
185
|
+
|
|
186
|
+
# Assign team to accounts
|
|
187
|
+
multi-aws assign-team --accounts 123456789012,987654321098 --team backend-team
|
|
188
|
+
|
|
189
|
+
# List accounts by team
|
|
190
|
+
multi-aws list-team-accounts --team backend-team
|
|
191
|
+
|
|
192
|
+
# Clean up duplicate profiles
|
|
193
|
+
multi-aws clean-duplicates --dry-run
|
|
194
|
+
```
|
|
195
|
+
|
|
196
|
+
## Configuration
|
|
197
|
+
|
|
198
|
+
The tool creates a configuration file at `~/.multi-aws/config.ini` with comprehensive settings:
|
|
199
|
+
|
|
200
|
+
### Configuration Sections
|
|
201
|
+
|
|
202
|
+
**General Settings**:
|
|
203
|
+
- AWS profile prefix for generated profiles
|
|
204
|
+
- SSO session name
|
|
205
|
+
- Default AWS region
|
|
206
|
+
- Account data file location
|
|
207
|
+
|
|
208
|
+
**Output Settings**:
|
|
209
|
+
- Filename pattern with placeholders (`!A`=account-name, `!c`=command, `!d`=date)
|
|
210
|
+
- Output format (json, yaml, txt, csv)
|
|
211
|
+
- Output directory path
|
|
212
|
+
|
|
213
|
+
**Execution Settings**:
|
|
214
|
+
- Execution mode (parallel or sequential)
|
|
215
|
+
- Error handling (stop after N errors)
|
|
216
|
+
- Command timeout settings
|
|
217
|
+
|
|
218
|
+
**Security Settings**:
|
|
219
|
+
- Allow/deny destructive commands
|
|
220
|
+
- Command validation rules
|
|
221
|
+
|
|
222
|
+
**Logging Settings**:
|
|
223
|
+
- Log level and file location
|
|
224
|
+
- Console logging preferences
|
|
225
|
+
- Log rotation settings
|
|
226
|
+
|
|
227
|
+
### Environment Variables
|
|
228
|
+
|
|
229
|
+
You can override configuration using environment variables with the `MULTI_AWS_` prefix:
|
|
230
|
+
```bash
|
|
231
|
+
export MULTI_AWS_REGION=eu-west-1
|
|
232
|
+
export MULTI_AWS_TIMEOUT=600
|
|
233
|
+
export MULTI_AWS_VERBOSE=1
|
|
234
|
+
```
|
|
235
|
+
|
|
236
|
+
### Configuration File Example
|
|
237
|
+
|
|
238
|
+
```ini
|
|
239
|
+
[general]
|
|
240
|
+
prefix = multi-aws
|
|
241
|
+
sso-session = default
|
|
242
|
+
region = us-east-1
|
|
243
|
+
account-file = ~/.multi-aws/accounts.json
|
|
244
|
+
|
|
245
|
+
[output]
|
|
246
|
+
pattern = !A-!c-!d
|
|
247
|
+
format = json
|
|
248
|
+
path = ~/.multi-aws/outputs
|
|
249
|
+
|
|
250
|
+
[execution]
|
|
251
|
+
mode = sequential
|
|
252
|
+
stop-on-errors = 0
|
|
253
|
+
|
|
254
|
+
[security]
|
|
255
|
+
allow-destructive-commands = false
|
|
256
|
+
|
|
257
|
+
[logging]
|
|
258
|
+
level = INFO
|
|
259
|
+
file = ~/.multi-aws/logs/multi-aws.log
|
|
260
|
+
console = true
|
|
261
|
+
```
|
|
262
|
+
|
|
263
|
+
## Using as a Python Library
|
|
264
|
+
|
|
265
|
+
MultiAWSTool can be imported and used as a library in other Python projects:
|
|
266
|
+
|
|
267
|
+
```python
|
|
268
|
+
from multi_aws_tool import AccountManager, ConfigManager, OutputParser
|
|
269
|
+
|
|
270
|
+
# Initialize managers
|
|
271
|
+
config_manager = ConfigManager()
|
|
272
|
+
account_manager = AccountManager()
|
|
273
|
+
|
|
274
|
+
# Discover accounts
|
|
275
|
+
accounts = account_manager.discover_accounts()
|
|
276
|
+
|
|
277
|
+
# Parse execution results
|
|
278
|
+
from multi_aws_tool.output import parse_execution_summary
|
|
279
|
+
summary = parse_execution_summary('execution_summary_20251031_120000.json')
|
|
280
|
+
print(f"Success rate: {summary.success_rate:.1f}%")
|
|
281
|
+
```
|
|
282
|
+
|
|
283
|
+
For detailed library usage, see [LIBRARY_USAGE.md](LIBRARY_USAGE.md) and [OUTPUT_MODULE.md](OUTPUT_MODULE.md).
|
|
284
|
+
|
|
285
|
+
## Output Structure
|
|
286
|
+
|
|
287
|
+
MultiAWSTool generates structured output files that can be easily parsed by other tools:
|
|
288
|
+
|
|
289
|
+
### Execution Summary Files
|
|
290
|
+
- **Format**: `execution_summary_YYYYMMDD_HHMMSS.json`
|
|
291
|
+
- **Content**: Complete execution results with metadata, timing, and error information
|
|
292
|
+
- **Usage**: Import using the `multi_aws_tool.output` module for analysis
|
|
293
|
+
|
|
294
|
+
### Individual Account Output Files
|
|
295
|
+
- **Format**: `{account-name}-{command}-{date}.{format}`
|
|
296
|
+
- **Content**: Raw AWS CLI command output for each account
|
|
297
|
+
- **Customizable**: Filename patterns and formats configurable
|
|
298
|
+
|
|
299
|
+
### Example Output Structure
|
|
300
|
+
```
|
|
301
|
+
~/.multi-aws/outputs/
|
|
302
|
+
├── execution_summary_20251031_120000.json
|
|
303
|
+
├── production-account-sts-get-caller-identity-20251031.json
|
|
304
|
+
├── staging-account-sts-get-caller-identity-20251031.json
|
|
305
|
+
└── dev-account-sts-get-caller-identity-20251031.json
|
|
306
|
+
```
|
|
307
|
+
|
|
308
|
+
## Troubleshooting
|
|
309
|
+
|
|
310
|
+
### Common Issues
|
|
311
|
+
|
|
312
|
+
**Command not found after installation**:
|
|
313
|
+
```bash
|
|
314
|
+
# Ensure the virtual environment is activated
|
|
315
|
+
source venv/bin/activate
|
|
316
|
+
|
|
317
|
+
# Or check if ~/.local/bin is in your PATH
|
|
318
|
+
export PATH="$HOME/.local/bin:$PATH"
|
|
319
|
+
```
|
|
320
|
+
|
|
321
|
+
**SSO Authentication Failed**:
|
|
322
|
+
```bash
|
|
323
|
+
# Check SSO configuration in ~/.aws/config
|
|
324
|
+
cat ~/.aws/config
|
|
325
|
+
|
|
326
|
+
# Re-initialize if needed
|
|
327
|
+
multi-aws init --sso-session your-session-name
|
|
328
|
+
```
|
|
329
|
+
|
|
330
|
+
**Profile Generation Issues**:
|
|
331
|
+
```bash
|
|
332
|
+
# Clean up existing profiles first
|
|
333
|
+
multi-aws clean-duplicates
|
|
334
|
+
|
|
335
|
+
# Regenerate profiles
|
|
336
|
+
multi-aws profiles --accounts <account-ids> --role <role-name> --append-to-config
|
|
337
|
+
```
|
|
338
|
+
|
|
339
|
+
**Permission Errors**:
|
|
340
|
+
```bash
|
|
341
|
+
# Check account roles
|
|
342
|
+
multi-aws roles --accounts <account-id>
|
|
343
|
+
|
|
344
|
+
# Verify profile works
|
|
345
|
+
aws --profile <profile-name> sts get-caller-identity
|
|
346
|
+
```
|
|
347
|
+
|
|
348
|
+
### Debug Mode
|
|
349
|
+
|
|
350
|
+
Enable verbose logging for troubleshooting:
|
|
351
|
+
```bash
|
|
352
|
+
multi-aws --verbose <command>
|
|
353
|
+
```
|
|
354
|
+
|
|
355
|
+
## Development
|
|
356
|
+
|
|
357
|
+
### Setting up Development Environment
|
|
358
|
+
|
|
359
|
+
```bash
|
|
360
|
+
# Clone and setup
|
|
361
|
+
git clone <repository-url>
|
|
362
|
+
cd MultiAWSTool
|
|
363
|
+
|
|
364
|
+
# Create virtual environment
|
|
365
|
+
python3 -m venv venv
|
|
366
|
+
source venv/bin/activate
|
|
367
|
+
|
|
368
|
+
# Install in development mode
|
|
369
|
+
pip install -e .
|
|
370
|
+
|
|
371
|
+
# Install development dependencies
|
|
372
|
+
pip install -r requirements-dev.txt # if available
|
|
373
|
+
|
|
374
|
+
# Run tests
|
|
375
|
+
python -m pytest tests/ # if tests exist
|
|
376
|
+
```
|
|
377
|
+
|
|
378
|
+
### Project Structure
|
|
379
|
+
|
|
380
|
+
```
|
|
381
|
+
MultiAWSTool/
|
|
382
|
+
├── multi_aws_tool/ # Main package
|
|
383
|
+
│ ├── __init__.py # Package exports
|
|
384
|
+
│ ├── main.py # CLI entry point
|
|
385
|
+
│ ├── output.py # Output parsing module
|
|
386
|
+
│ ├── aws/ # AWS integration
|
|
387
|
+
│ ├── cli/ # Command-line interface
|
|
388
|
+
│ ├── config/ # Configuration management
|
|
389
|
+
│ ├── models/ # Data models
|
|
390
|
+
│ └── utils/ # Utility functions
|
|
391
|
+
├── examples/ # Usage examples
|
|
392
|
+
├── pyproject.toml # Package configuration
|
|
393
|
+
├── requirements.txt # Dependencies
|
|
394
|
+
└── README.md # This file
|
|
395
|
+
```
|
|
396
|
+
|
|
397
|
+
## Contributing
|
|
398
|
+
|
|
399
|
+
1. Fork the repository
|
|
400
|
+
2. Create a feature branch
|
|
401
|
+
3. Make your changes
|
|
402
|
+
4. Add tests if applicable
|
|
403
|
+
5. Submit a pull request
|
|
404
|
+
|
|
405
|
+
## License
|
|
406
|
+
|
|
407
|
+
MIT License
|