PyPI - reverse-diagrams - Versions diffs - 0.2.5__py3-none-any.whl → 1.0.0__py3-none-any.whl - Mend

reverse-diagrams 0.2.5py3-none-any.whl → 1.0.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

{reverse_diagrams-0.2.5.dist-info → reverse_diagrams-1.0.0.dist-info}/METADATA +36 -24
reverse_diagrams-1.0.0.dist-info/RECORD +20 -0
{reverse_diagrams-0.2.5.dist-info → reverse_diagrams-1.0.0.dist-info}/WHEEL +1 -1
reverse_diagrams-1.0.0.dist-info/licenses/LICENSE +13 -0
src/aws/describe_identity_store.py +172 -49
src/aws/describe_organization.py +91 -36
src/aws/describe_sso.py +133 -20
src/banner/banner.py +7 -2
src/dgms/graph_mapper.py +76 -32
src/dgms/graph_template.py +4 -4
src/export_report/export_csv.py +3 -2
src/reports/save_results.py +24 -0
src/reverse_diagrams.py +325 -169
src/version.py +2 -0
docs/graph_org.py +0 -8
docs/graph_sso.py +0 -39
docs/graph_sso_complete.py +0 -596
reverse_diagrams-0.2.5.dist-info/RECORD +0 -21
reverse_diagrams-0.2.5.dist-info/licenses/LICENSE +0 -21
{reverse_diagrams-0.2.5.dist-info → reverse_diagrams-1.0.0.dist-info}/entry_points.txt +0 -0
/__init__.py → /src/reports/__init__.py +0 -0

src/aws/describe_sso.py CHANGED Viewed

@@ -1,53 +1,166 @@
-import boto3
 import logging
+from boto3 import client
-def list_instances(client=boto3.client('sso-admin', region_name="us-east-2")):
-    response = client.list_instances(
-    )
+def list_instances(region: str):
+    """
+    List all instances in the region.
+    :param region:
+    :return:
+    """
+    sso_client = client("sso-admin", region_name=region)
+    response = sso_client.list_instances()
     return response["Instances"]
-def list_account_assignments(instance_arn, account_id,
-                             permission_set_arn,
-                             client=boto3.client('sso-admin', region_name="us-east-2"), ):
-    response = client.list_account_assignments(
+# def list account assignments with pagination
+def list_account_assignments_pag(
+    instance_arn, account_id, permission_set_arn, region, next_token
+):
+    """
+    List all account assignments.
+    :param instance_arn:
+    :param account_id:
+    :param permission_set_arn:
+    :param region:
+    :return:
+    """
+    sso_client = client("sso-admin", region_name=region)
+    paginator = sso_client.get_paginator("list_account_assignments")
+    response_iterator = paginator.paginate(
         InstanceArn=instance_arn,
         AccountId=account_id,
         PermissionSetArn=permission_set_arn,
+        PaginationConfig={
+            "MaxItems": 1000,
+            "PageSize": 20,
+            "StartingToken": next_token,
+        },
     )
+    return response_iterator["AccountAssignments"]
-    return response["AccountAssignments"]
+def list_account_assignments(instance_arn, account_id, permission_set_arn, region):
+    """
+    List all account assignments.
+    :param instance_arn:
+    :param account_id:
+    :param permission_set_arn:
+    :param region:
+    :return:
-def list_permissions_set(instance_arn, client=boto3.client('sso-admin', region_name="us-east-2"), ):
-    response = client.list_permission_sets(
+    """
+    sso_client = client("sso-admin", region_name=region)
+    response = sso_client.list_account_assignments(
+        InstanceArn=instance_arn,
+        AccountId=account_id,
+        PermissionSetArn=permission_set_arn,
+    )
+    account_assignments = response["AccountAssignments"]
+    if len(response["AccountAssignments"]) >= 20:
+        logging.info("Paginating ...")
+        response_iterator = list_account_assignments_pag(
+            instance_arn,
+            account_id,
+            permission_set_arn,
+            region,
+            next_token=response["NextToken"],
+        )
+        for response in response_iterator:
+            logging.debug(response)
+            account_assignments.append(response["AccountAssignments"])
+            logging.info(response["AccountAssignments"])
+    return account_assignments
+def list_permissions_set_pag(instance_arn, region, next_token):
+    """
+    List all permission set in a region.
+    :param instance_arn:
+    :param region:
+    :return:
+    """
+    sso_client = client("sso-admin", region_name=region)
+    paginator = sso_client.get_paginator("list_permission_sets")
+    response_iterator = paginator.paginate(
         InstanceArn=instance_arn,
+        PaginationConfig={
+            "MaxItems": 1000,
+            "PageSize": 20,
+            "StartingToken": next_token,
+        },
+    )
+    return response_iterator["PermissionSets"]
+def list_permissions_set(instance_arn, region):
+    """
+    List all permission set in a region.
+    :param instance_arn:
+    :param region:
+    :return:
+    """
+    sso_client = client(
+        "sso-admin",
+        region_name=region,
     )
+    response = sso_client.list_permission_sets(InstanceArn=instance_arn, MaxResults=20)
     logging.debug(response)
-    return response["PermissionSets"]
+    permissions_set = response["PermissionSets"]
+    if len(response["PermissionSets"]) >= 20:
+        logging.info("Paginating ...")
+        response_iterator = list_permissions_set_pag(
+            instance_arn, region, next_token=response["NextToken"]
+        )
+        for response in response_iterator:
+            logging.debug(response)
+            permissions_set.append(response["PermissionSets"])
+            logging.info(response["PermissionSets"])
+    return permissions_set
+def list_permission_provisioned(account_id, instance_arn, region):
+    """
+    List permission provisioned.
-def list_permission_provisioned(account_id, instance_arn, client=boto3.client('sso-admin', region_name="us-east-2"), ):
-    response = client.list_permission_sets_provisioned_to_account(
+    :param account_id:
+    :param instance_arn:
+    :param region:
+    :return:
+    """
+    l_client = client("sso-admin", region_name=region)
+    response = l_client.list_permission_sets_provisioned_to_account(
         InstanceArn=instance_arn,
         AccountId=account_id,
     )
     logging.debug(response)
     return response["PermissionSets"]
-def extends_permissions_set(permissions_sets, store_arn, client_sso=boto3.client('sso-admin', region_name="us-east-2")):
+def extends_permissions_set(permissions_sets, store_arn, region):
+    """
+    List all permission set in a region
+    :param permissions_sets:
+    :param store_arn:
+    :param region:
+    :return:
+    """
+    sso_client = client("sso-admin", region_name=region)
     l_permissions_set_arn_name = {}
     for p in permissions_sets:
-        response = client_sso.describe_permission_set(
-            InstanceArn=store_arn,
-            PermissionSetArn=p
+        response = sso_client.describe_permission_set(
+            InstanceArn=store_arn, PermissionSetArn=p
         )
         l_permissions_set_arn_name[p] = response["PermissionSet"]["Name"]

src/banner/banner.py CHANGED Viewed

@@ -2,7 +2,6 @@ from colorama import Fore
 banner = """Reverse Diagrams
  #####   ######  #    #  ######  #####    ####   ######
  #    #  #       #    #  #       #    #  #       #
  #    #  #####   #    #  #####   #    #   ####   #####
@@ -21,7 +20,13 @@ banner = """Reverse Diagrams
 def get_version(version):
-    print(Fore.BLUE + banner )
+    """
+    Get package version.
+    :param version:
+    :return:
+    """
+    print(Fore.BLUE + banner)
     print(version + Fore.RESET)

src/dgms/graph_mapper.py CHANGED Viewed

@@ -1,39 +1,49 @@
 import logging
 import os.path
 import re
+from pathlib import Path
 def format_name_string(a_string, action=None):
     """
+    Format name strings to avoid no allowed characters.
     :param a_string:
     :param action:
     :return: sring --terragrunt-json-out
     """
-    if action == 'split':
+    if action == "split":
         if len(a_string) > 17:
             a_string = a_string[:16] + "\\n" + a_string[16:]
-    elif action == 'format':
-        a_string = re.sub('[-!?@.+]', '', a_string)
-        a_string = a_string.replace(" ", '')
+    elif action == "format":
+        a_string = re.sub("[-!?@.+]", "", a_string)
+        a_string = a_string.replace(" ", "")
     return a_string
 def create_sso_mapper_complete(template_file, acc_assignments, d_groups):
+    """
+    Create sso mapper.
+    :param template_file: Template file
+    :param acc_assignments:
+    :param d_groups:
+    :return:
+    """
-    with open(template_file, 'a') as f:
+    with open(template_file, "a") as f:
         ident = "        "
         for key, value in acc_assignments.items():
-            print(f"\n    with Cluster('Account: {key}'):", file=f)
             if len(value) > 0:
+                print(f"\n    with Cluster('Account: {key}'):", file=f)
                 for m in value:
                     logging.debug(m)
                     if "GroupName" in m.keys():
-                        print(f"\n{ident}with Cluster('Group: {m['GroupName']}'):", file=f)
+                        print(
+                            f"\n{ident}with Cluster('Group: {m['GroupName']}'):", file=f
+                        )
                         print(
                             f"\n{ident}{ident}gg_{format_name_string(m['GroupName'], 'format')}=Users(\"{format_name_string(m['GroupName'], 'split')}\")\n"
                             f"{ident}{ident}gg_{format_name_string(m['GroupName'], 'format')} \\\n"
@@ -43,31 +53,39 @@ def create_sso_mapper_complete(template_file, acc_assignments, d_groups):
                             f"{ident}{ident}gg_{format_name_string(m['GroupName'], 'format')} \\\n"
                             f"{ident}{ident}{ident}- Edge(color=\"darkgreen\", style=\"dotted\", label=\"Member\") \\\n"
                             f"{ident}{ident}{ident}- mm_{format_name_string(m['GroupName'], 'format')} \n",
-                            file=f)
+                            file=f,
+                        )
                     if "UserName" in m.keys():
-                        print(f"\n{ident}with Cluster('User: {m['UserName']}'):", file=f)
+                        print(
+                            f"\n{ident}with Cluster('User: {m['UserName']}'):", file=f
+                        )
                         print(
                             f"\n{ident}{ident}uu_{format_name_string(m['UserName'], 'format')}=User(\"{format_name_string(m['UserName'], 'split')}\")\n"
                             f"{ident}{ident}uu_{format_name_string(m['UserName'], 'format')} \\\n"
                             f"{ident}{ident}{ident}- Edge(color=\"brown\", style=\"dotted\") \\\n"
                             f"{ident}{ident}{ident}- IAMPermissions(\"{format_name_string(m['PermissionSetName'], 'split')}\")",
-                            file=f)
+                            file=f,
+                        )
                         # print(f"\n{ident}ou >> uu_{format_name_string(m['UserName'])}\n", file=f)
     f.close()
 def create_file(template_content, file_name, directory_path="."):
     """
+    Create file into directory.
     :param template_content:
     :param file_name:
     :param directory_path:
     :return:
     """
-    f_path=os.path.join(directory_path, file_name)
-    with open(f_path, 'w') as f:
+    # create directory if not exists and is different from .
+    if not os.path.exists(directory_path):
+        os.makedirs(directory_path)
+        logging.debug(f"Directory {directory_path} created")
+    f_path = Path(os.path.join(directory_path, file_name))
+    with open(f_path, "w") as f:
         f.write(template_content)
     f.close()
@@ -79,44 +97,62 @@ def find_ou_name(ous, search_id):
 def create_mapper(template_file, org, root_id, list_ous, list_accounts):
-    with open(template_file, 'a') as f:
+    with open(template_file, "a") as f:
         ident = "        "
-        print(f"\n    with Cluster('Organizations'):", file=f)
-        print(f"\n{ident}oo = Organizations('{org['Id']}\\n{org['MasterAccountId']}\\n{root_id}')", file=f)
+        print("\n    with Cluster('Organizations'):", file=f)
+        print(
+            f"\n{ident}oo = Organizations('{org['Id']}\\n{org['MasterAccountId']}\\n{root_id}')",
+            file=f,
+        )
         for a, i in zip(list_ous, range(len(list_ous))):
             print(
                 f"\n{ident}ou_{format_name_string(a['Name'], 'format')}= OrganizationsOrganizationalUnit(\"{a['Id']}\\n{a['Name']}\")",
-                file=f)
+                file=f,
+            )
             for p in a["Parents"]:
-                if p['Type'] == 'ROOT':
-                    print(f"\n{ident}oo>> ou_{format_name_string(a['Name'], 'format')}", file=f)
-                if p['Type'] == 'ORGANIZATIONAL_UNIT':
+                if p["Type"] == "ROOT":
+                    print(
+                        f"\n{ident}oo>> ou_{format_name_string(a['Name'], 'format')}",
+                        file=f,
+                    )
+                if p["Type"] == "ORGANIZATIONAL_UNIT":
                     print(
                         f"\n{ident}ou_{format_name_string(find_ou_name(list_ous, p['Id']), 'format')}>> ou_{format_name_string(a['Name'], 'format')}",
-                        file=f)
+                        file=f,
+                    )
         for c, i in zip(list_accounts, range(len(list_accounts))):
             # print(f"\n    aa_{i}= OrganizationsAccount(\"{c['account']}\")", file=f)
             for p in c["parents"]:
-                if p['Type'] == 'ROOT':
-                    print(f"\n{ident}oo >> OrganizationsAccount(\"{c['account']}\\n{c['name']}\")", file=f)
+                if p["Type"] == "ROOT":
+                    print(
+                        f"\n{ident}oo >> OrganizationsAccount(\"{c['account']}\\n{c['name']}\")",
+                        file=f,
+                    )
                 for o, j in zip(list_ous, range(len(list_ous))):
-                    if p['Id'] == o["Id"] and p['Type'] == 'ORGANIZATIONAL_UNIT':
+                    if p["Id"] == o["Id"] and p["Type"] == "ORGANIZATIONAL_UNIT":
                         print(
                             f"\n{ident}ou_{format_name_string(o['Name'], 'format')}>> OrganizationsAccount(\"{c['account']}\\n{format_name_string(c['name'], action='split')}\")",
-                            file=f)
+                            file=f,
+                        )
         f.close()
 def create_sso_mapper(template_file, group_and_members):
-    with open(template_file, 'a') as f:
+    """
+    Create sso mapper.
+    :param template_file:
+    :param group_and_members:
+    :return:
+    """
+    with open(template_file, "a") as f:
         ident = "        "
-        print(f"\n    with Cluster('Groups'):", file=f)
+        print("\n    with Cluster('Groups'):", file=f)
         for g, l in zip(group_and_members, range(len(group_and_members))):
             if len(g["members"]) > 0:
                 print(f"\n{ident}with Cluster(\"{g['group_name']}\"):", file=f)
                 users = "["
@@ -127,12 +163,20 @@ def create_sso_mapper(template_file, group_and_members):
                 users += "]"
                 print(f"\n{ident}{ident}gg_{l}= {users}", file=f)
             else:
-                print(f"\n{ident}gg_{l}= Users(\"{format_name_string(g['group_name'], 'split')}\")", file=f)
+                print(
+                    f"\n{ident}gg_{l}= Users(\"{format_name_string(g['group_name'], 'split')}\")",
+                    file=f,
+                )
 def create_users_men(members):
-    if len(members) > 0:
+    """
+    Create member users.
+    :param members:
+    :return:
+    """
+    if len(members) > 0:
         users = "["
         for m in members:
             user_name = m["MemberId"]["UserName"]

src/dgms/graph_template.py CHANGED Viewed

@@ -1,4 +1,4 @@
-graph_template= """
+graph_template = """
 from diagrams import Diagram, Cluster
 from diagrams.aws.management import Organizations, OrganizationsAccount, OrganizationsOrganizationalUnit
@@ -7,7 +7,7 @@ with Diagram("Organizations-State", show=False, direction="TB"):
     ou = OrganizationsOrganizationalUnit("OU")
     oa = OrganizationsAccount("Account")
 """
-graph_template_sso= """
+graph_template_sso = """
 from diagrams import Diagram, Cluster
 from diagrams.aws.management import Organizations, OrganizationsAccount, OrganizationsOrganizationalUnit
@@ -18,7 +18,7 @@ with Diagram("SSO-State", show=False, direction="TB"):
     uu= User("User")
 """
-graph_template_sso_complete="""
+graph_template_sso_complete = """
 from diagrams import Diagram, Cluster, Edge
 from diagrams.aws.management import Organizations, OrganizationsAccount, OrganizationsOrganizationalUnit
@@ -29,4 +29,4 @@ with Diagram("IAM Identity Center", show=False, direction="LR"):
     uu = User("User")
     pp= IAMPermissions("PermissionsSet")
     ou = OrganizationsOrganizationalUnit("PermissionsAssignments")
-"""
+"""

src/export_report/export_csv.py CHANGED Viewed

@@ -1,4 +1,5 @@
 import pandas as pd
-pdObj = pd.read_json('export.json', orient='index')
-print(pdObj)
+pdObj = pd.read_json("export.json", orient="index")
+print(pdObj)

src/reports/save_results.py ADDED Viewed

@@ -0,0 +1,24 @@
+"""Save results."""
+import json
+import logging
+from pathlib import Path
+from colorama import Fore
+def save_results(results, filename, directory_path="."):
+    """
+    Save results to a file.
+    :param results:
+    :param filename:
+    :return: None. Saves results to a file.
+    """
+    if not Path.exists(Path(directory_path)):
+        Path.mkdir(Path(directory_path))
+        logging.debug(f"Directory {directory_path} created")
+    with open(f"{directory_path}/{filename}", "w") as f:
+        json.dump(results, fp=f, indent=4)
+        print(
+            f"{Fore.YELLOW}ℹ️  The accounts are stored in {directory_path}/{filename} {Fore.RESET}"
+        )

reverse-diagrams 0.2.5__py3-none-any.whl → 1.0.0__py3-none-any.whl

reverse-diagrams 0.2.5py3-none-any.whl → 1.0.0py3-none-any.whl