runbooks 1.1.4__py3-none-any.whl → 1.1.6__py3-none-any.whl

runbooks/inventory/list_elbs_load_balancers.py

@@ -88,13 +88,11 @@ from time import time
 
 from ArgumentsClass import CommonArguments
 from botocore.exceptions import ClientError
-from colorama import Fore, init
+from runbooks.common.rich_utils import console
 from Inventory_Modules import display_results, find_load_balancers2, get_all_credentials
-from tqdm.auto import tqdm
+from runbooks.common.rich_utils import create_progress_bar
 
-init()
 __version__ = "2024.05.06"
-ERASE_LINE = "\x1b[2K"
 begin_time = time()
 
 
@@ -306,20 +304,24 @@ def find_all_elbs(fAllCredentials: list, ffragment: list, fstatus: str):
         worker.start()
 
     # Queue credential sets with progress tracking for operational visibility
-    for credential in tqdm(fAllCredentials):
-        logging.info(f"Beginning to queue data - starting with {credential['AccountId']}")
-        try:
-            # Queue credential set with fragment and status filters for targeted discovery
-            # Tuple format: (credentials, fragment_filter, status_filter)
-            checkqueue.put((credential, ffragment, fstatus))
-        except ClientError as my_Error:
-            # Handle authorization failures during credential queuing
-            if "AuthFailure" in str(my_Error):
-                logging.error(
-                    f"Authorization Failure accessing account {credential['AccountId']} in {credential['Region']} region"
-                )
-                logging.warning(f"It's possible that the region {credential['Region']} hasn't been opted-into")
-                pass
+    with create_progress_bar() as progress:
+        task = progress.add_task("Queueing ELB discovery tasks", total=len(fAllCredentials))
+        for credential in fAllCredentials:
+            logging.info(f"Beginning to queue data - starting with {credential['AccountId']}")
+            try:
+                # Queue credential set with fragment and status filters for targeted discovery
+                # Tuple format: (credentials, fragment_filter, status_filter)
+                checkqueue.put((credential, ffragment, fstatus))
+            except ClientError as my_Error:
+                # Handle authorization failures during credential queuing
+                if "AuthFailure" in str(my_Error):
+                    logging.error(
+                        f"Authorization Failure accessing account {credential['AccountId']} in {credential['Region']} region"
+                    )
+                    logging.warning(f"It's possible that the region {credential['Region']} hasn't been opted-into")
+                    pass
+            finally:
+                progress.update(task, advance=1)
 
     # Wait for all queued work to complete before proceeding
     checkqueue.join()
@@ -396,13 +398,13 @@ if __name__ == "__main__":
     # Display performance timing metrics for operational optimization and SLA compliance
     if pTiming:
         print(ERASE_LINE)
-        print(f"{Fore.GREEN}This script took {time() - begin_time:.2f} seconds{Fore.RESET}")
+        print(f"[green]This script took {time() - begin_time:.2f} seconds")
 
     print(ERASE_LINE)
 
     # Display comprehensive operational summary for executive traffic management reporting
     print(
-        f"{Fore.RED}Found {len(All_Load_Balancers)} Load Balancers across {AccountNum} profiles across {RegionNum} regions{Fore.RESET}"
+        f"[red]Found {len(All_Load_Balancers)} Load Balancers across {AccountNum} profiles across {RegionNum} regions"
     )
     print()
 

runbooks/inventory/list_enis_network_interfaces.py

@@ -96,11 +96,10 @@ from ArgumentsClass import CommonArguments
 from botocore.exceptions import ClientError
 
 # from datetime import datetime
-from colorama import Fore, init
+from runbooks.common.rich_utils import console
 from Inventory_Modules import display_results, find_account_enis2, get_all_credentials
-from tqdm.auto import tqdm
+from runbooks.common.rich_utils import create_progress_bar
 
-init()
 
 __version__ = "2024.10.24"
 
@@ -269,8 +268,8 @@ def check_accounts_for_enis(fCredentialList, fip=None, fPublicOnly: bool = False
             """
             while True:
                 # Retrieve ENI discovery work item from thread-safe queue
-                c_account_credentials, c_region, c_fip, c_PlacesToLook, c_PlaceCount = self.queue.get()
-                pbar.update()  # Update progress tracking for operational visibility
+                c_account_credentials, c_region, c_fip, c_PlacesToLook, c_PlaceCount, c_progress, c_task = self.queue.get()
+                c_progress.update(c_task, advance=1)  # Update progress tracking for operational visibility
                 logging.info(f"De-queued info for account {c_account_credentials['AccountId']}")
 
                 try:
@@ -323,13 +322,6 @@ def check_accounts_for_enis(fCredentialList, fip=None, fPublicOnly: bool = False
     # Initialize queue-based threading architecture for scalable ENI discovery
     checkqueue = Queue()
 
-    # Initialize progress tracking for operational visibility during large-scale operations
-    pbar = tqdm(
-        desc=f"Finding enis from {len(CredentialList)} accounts / regions",
-        total=len(fCredentialList),
-        unit=" locations",
-    )
-
     # Initialize results list for aggregating discovered ENIs
     Results = []
     PlaceCount = 0
@@ -347,24 +339,26 @@ def check_accounts_for_enis(fCredentialList, fip=None, fPublicOnly: bool = False
         worker.start()
 
     # Queue credential sets for processing by worker threads
-    for credential in fCredentialList:
-        logging.info(f"Connecting to account {credential['AccountId']} in region {credential['Region']}")
-        try:
-            # Queue credential set with IP filter and progress tracking parameters
-            # Tuple format: (credentials, region, ip_filter, total_places, current_count)
-            checkqueue.put((credential, credential["Region"], fip, PlacesToLook, PlaceCount))
-            PlaceCount += 1
-        except ClientError as my_Error:
-            # Handle authorization failures during credential queuing
-            if "AuthFailure" in str(my_Error):
-                logging.error(
-                    f"Authorization Failure accessing account {credential['AccountId']} in {credential['Region']} region"
-                )
-                logging.warning(f"It's possible that the region {credential['Region']} hasn't been opted-into")
-                pass
-
-    # Wait for all queued work to complete before proceeding
-    checkqueue.join()
+    with create_progress_bar() as progress:
+        task = progress.add_task("Discovering ENIs", total=len(fCredentialList))
+        for credential in fCredentialList:
+            logging.info(f"Connecting to account {credential['AccountId']} in region {credential['Region']}")
+            try:
+                # Queue credential set with IP filter and progress tracking parameters
+                # Tuple format: (credentials, region, ip_filter, total_places, current_count, progress, task)
+                checkqueue.put((credential, credential["Region"], fip, PlacesToLook, PlaceCount, progress, task))
+                PlaceCount += 1
+            except ClientError as my_Error:
+                # Handle authorization failures during credential queuing
+                if "AuthFailure" in str(my_Error):
+                    logging.error(
+                        f"Authorization Failure accessing account {credential['AccountId']} in {credential['Region']} region"
+                    )
+                    logging.warning(f"It's possible that the region {credential['Region']} hasn't been opted-into")
+                    pass
+
+        # Wait for all queued work to complete before proceeding
+        checkqueue.join()
     return Results
 
 
@@ -450,7 +444,7 @@ def present_results(f_ENIsFound: list):
 
     # Highlight cost optimization opportunities with unused ENI identification
     print(
-        f"{Fore.RED}Found {len(DetachedENIs)} ENIs that are not listed as 'in-use' and may therefore be costing you additional money while they're unused.{Fore.RESET}"
+        f"[red]Found {len(DetachedENIs)} ENIs that are not listed as 'in-use' and may therefore be costing you additional money while they're unused."
     ) if DetachedENIs else ""
     print()
 
@@ -464,7 +458,6 @@ def present_results(f_ENIsFound: list):
 # Main execution entry point for enterprise ENI discovery and network security analysis
 ##################
 
-ERASE_LINE = "\x1b[2K"
 
 if __name__ == "__main__":
     """
@@ -518,7 +511,7 @@ if __name__ == "__main__":
 
     # Display performance timing metrics for operational optimization and SLA compliance
     if pTiming:
-        print(f"{Fore.GREEN}This script took {time() - begin_time:.2f} seconds{Fore.RESET}")
+        print(f"[green]This script took {time() - begin_time:.2f} seconds")
 
 # Display completion message for user confirmation and operational closure
 print()

runbooks/inventory/list_guardduty_detectors.py

@@ -95,10 +95,9 @@ import Inventory_Modules
 from account_class import aws_acct_access
 from ArgumentsClass import CommonArguments
 from botocore.exceptions import ClientError
-from colorama import Fore, init
+from runbooks.common.rich_utils import console
 from Inventory_Modules import get_all_credentials
 
-init()
 __version__ = "2023.07.18"
 
 # Parse enterprise command-line arguments with GuardDuty-specific security management options
@@ -150,7 +149,6 @@ logging.getLogger("urllib3").setLevel(logging.CRITICAL)
 # Initialize enterprise GuardDuty discovery and security management operations
 ##########################
 
-ERASE_LINE = "\x1b[2K"
 
 # Initialize AWS account access for GuardDuty administrative operations
 aws_acct = aws_acct_access(pProfile)
@@ -337,7 +335,7 @@ for credential in AllCredentials:
             # Display progress for accounts without GuardDuty detectors for operational visibility
             print(
                 ERASE_LINE,
-                f"{Fore.RED}No luck in account: {credential['AccountId']} in region {credential['Region']}{Fore.RESET} -- {places_to_try} of {len(AllCredentials)}",
+                f"[red]No luck in account: {credential['AccountId']} in region {credential['Region']} -- {places_to_try} of {len(AllCredentials)}",
                 end="\r",
             )
     except ClientError as my_Error:

runbooks/inventory/list_iam_policies.py

@@ -94,12 +94,10 @@ from time import time
 
 from ArgumentsClass import CommonArguments
 from botocore.exceptions import ClientError
-from colorama import Fore, init
+from runbooks.common.rich_utils import console
 from Inventory_Modules import display_results, find_account_policies2, find_policy_action2, get_all_credentials
 
-init()
 __version__ = "2023.12.12"
-ERASE_LINE = "\x1b[2K"
 begin_time = time()
 
 
@@ -392,7 +390,7 @@ if __name__ == "__main__":
 
     if pTiming:
         print(ERASE_LINE)
-        print(f"{Fore.GREEN}This script took {time() - begin_time:.2f} seconds{Fore.RESET}")
+        print(f"[green]This script took {time() - begin_time:.2f} seconds")
     print(f"These accounts were skipped - as requested: {pSkipAccounts}") if pSkipAccounts is not None else print()
     print()
     print(

runbooks/inventory/list_iam_roles.py

@@ -43,10 +43,9 @@ from time import sleep, time
 import boto3
 from ArgumentsClass import CommonArguments
 from botocore.exceptions import ClientError
-from colorama import Fore, init
 from Inventory_Modules import display_results, find_in, get_all_credentials
+from runbooks.common.rich_utils import console
 
-init()
 __version__ = "2023.11.06"
 
 
@@ -249,8 +248,8 @@ def find_and_collect_roles_across_accounts(fAllCredentials: list, frole_fragment
         print(f"Listing out all roles across {len(fAllCredentials)} accounts")
         print()
     elif pExact:
-        print(
-            f"Looking for a role {Fore.RED}exactly{Fore.RESET} named one of these strings {frole_fragments} across {len(fAllCredentials)} accounts"
+        console.print(
+            f"Looking for a role [red]exactly[/red] named one of these strings {frole_fragments} across {len(fAllCredentials)} accounts"
         )
         print()
     else:
@@ -475,7 +474,6 @@ if __name__ == "__main__":
     logging.getLogger("s3transfer").setLevel(logging.CRITICAL)
     logging.getLogger("urllib3").setLevel(logging.CRITICAL)
 
-    ERASE_LINE = "\x1b[2K"
     time_to_sleep = 5
     begin_time = time()
 
@@ -511,8 +509,8 @@ if __name__ == "__main__":
         )
 
     if pTiming:
-        print(ERASE_LINE)
-        print(f"{Fore.GREEN}This script took {time() - begin_time:.2f} seconds{Fore.RESET}")
+        console.print()
+        console.print(f"[green]This script took {time() - begin_time:.2f} seconds[/green]")
     print()
     print("Thanks for using this script...")
     print()

runbooks/inventory/list_iam_saml_providers.py

@@ -101,14 +101,12 @@ import boto3
 from account_class import aws_acct_access
 from ArgumentsClass import CommonArguments
 from botocore.exceptions import ClientError
-from colorama import Fore, init
+from runbooks.common.rich_utils import console
 from Inventory_Modules import display_results, find_saml_components_in_acct2, get_child_access3
 
-init()
 __version__ = "2024.03.27"
 
 begin_time = time()
-ERASE_LINE = "\x1b[2K"
 
 
 ##################
@@ -254,7 +252,7 @@ def all_my_saml_providers(faws_acct: aws_acct_access, fChildAccounts: list, f_ac
                     idpNum = len(Idps)
                     logging.info(f"Account: {account['AccountId']} | Region: {pRegion} | Found {idpNum} Idps")
                     logging.info(
-                        f"{ERASE_LINE}{Fore.RED}Account: {account['AccountId']} pRegion: {pRegion} Found {idpNum} Idps.{Fore.RESET}"
+                        f"{ERASE_LINE}[red]Account: {account['AccountId']} pRegion: {pRegion} Found {idpNum} Idps."
                     )
 
                     # Process discovered identity providers and extract metadata
@@ -342,7 +340,7 @@ if __name__ == "__main__":
     RegionsFound = list(set([x["Region"] for x in IdpsFound]))
     print()
     print(
-        f"{Fore.RED}Found {len(IdpsFound)} Idps across {len(AccountsFound)} accounts in {len(RegionsFound)} regions{Fore.RESET}"
+        f"[red]Found {len(IdpsFound)} Idps across {len(AccountsFound)} accounts in {len(RegionsFound)} regions"
     )
     print()
 
@@ -353,7 +351,7 @@ if __name__ == "__main__":
 
     print()
     if pTiming:
-        print(f"{Fore.GREEN}This script took {time() - begin_time:.2f} seconds{Fore.RESET}")
+        print(f"[green]This script took {time() - begin_time:.2f} seconds")
         print()
     print("Thanks for using this script...")
     print()

runbooks/inventory/list_lambda_functions.py

@@ -82,14 +82,12 @@ import boto3
 import Inventory_Modules
 from ArgumentsClass import CommonArguments
 from botocore.exceptions import ClientError
-from colorama import Fore, init
+from runbooks.common.rich_utils import console
 from Inventory_Modules import display_results, get_all_credentials
-from tqdm.auto import tqdm
+from runbooks.common.rich_utils import create_progress_bar
 
-init()
 __version__ = "2024.06.05"
 
-ERASE_LINE = "\x1b[2K"
 begin_time = time()
 
 
@@ -497,7 +495,6 @@ def check_accounts_for_functions(CredentialList, fFragments=None):
             while True:
                 # Retrieve account credentials and fragment filters from thread-safe work queue
                 c_account_credentials, c_fragment_list = self.queue.get()
-                pbar.update()  # Update progress bar for operational visibility
                 Functions = []
                 logging.info(f"De-queued info for account {c_account_credentials['AccountId']}")
                 try:
@@ -543,6 +540,9 @@ def check_accounts_for_functions(CredentialList, fFragments=None):
                         # Thread-safe aggregation of discovered Lambda functions
                         AllFuncs.extend(Functions)
 
+                    # Update progress bar for operational visibility
+                    progress.update(task, advance=1)
+
                     # Signal task completion for thread-safe work queue management
                     self.queue.task_done()
 
@@ -556,40 +556,40 @@ def check_accounts_for_functions(CredentialList, fFragments=None):
     checkqueue = Queue()
 
     # Initialize progress tracking for operational visibility during discovery
-    pbar = tqdm(
-        desc=f"Finding instances from {len(CredentialList)} accounts / regions",
-        total=len(CredentialList),
-        unit=" locations",
-    )
-
-    # Initialize multi-threaded Lambda function discovery worker pool
-    for x in range(WorkerThreads):
-        worker = FindFunctions(checkqueue)
-        # Enable graceful shutdown with main thread termination for enterprise operational safety
-        worker.daemon = True
-        worker.start()  # Begin concurrent Lambda function discovery processing
+    with create_progress_bar() as progress:
+        task = progress.add_task(
+            f"Finding instances from {len(CredentialList)} accounts / regions",
+            total=len(CredentialList)
+        )
 
-    # Populate work queue with account credentials for distributed serverless discovery
-    for credential in CredentialList:
-        logging.info(f"Connecting to account {credential['AccountId']}")
-        try:
-            # Log work queue population for operational audit trail
-            logging.info(
-                f"{ERASE_LINE}Queuing account {credential['AccountId']} in region {credential['Region']}", end="\r"
-            )
-            # Add credential and fragment filter to processing queue
-            checkqueue.put((credential, fFragments))
-        except ClientError as my_Error:
-            # Handle AWS API authorization failures during queue population
-            if "AuthFailure" in str(my_Error):
-                logging.error(
-                    f"Authorization Failure accessing account {credential['AccountId']} in {credential['Region']} region"
+        # Initialize multi-threaded Lambda function discovery worker pool
+        for x in range(WorkerThreads):
+            worker = FindFunctions(checkqueue)
+            # Enable graceful shutdown with main thread termination for enterprise operational safety
+            worker.daemon = True
+            worker.start()  # Begin concurrent Lambda function discovery processing
+
+        # Populate work queue with account credentials for distributed serverless discovery
+        for credential in CredentialList:
+            logging.info(f"Connecting to account {credential['AccountId']}")
+            try:
+                # Log work queue population for operational audit trail
+                logging.info(
+                    f"{ERASE_LINE}Queuing account {credential['AccountId']} in region {credential['Region']}", end="\r"
                 )
-                logging.error(f"It's possible that the region {credential['Region']} hasn't been opted-into")
-                pass  # Continue processing remaining accounts despite individual failures
+                # Add credential and fragment filter to processing queue
+                checkqueue.put((credential, fFragments))
+            except ClientError as my_Error:
+                # Handle AWS API authorization failures during queue population
+                if "AuthFailure" in str(my_Error):
+                    logging.error(
+                        f"Authorization Failure accessing account {credential['AccountId']} in {credential['Region']} region"
+                    )
+                    logging.error(f"It's possible that the region {credential['Region']} hasn't been opted-into")
+                    pass  # Continue processing remaining accounts despite individual failures
 
-    # Wait for all Lambda function discovery tasks to complete before result aggregation
-    checkqueue.join()
+        # Wait for all Lambda function discovery tasks to complete before result aggregation
+        checkqueue.join()
 
     # Return comprehensive Lambda function inventory with enterprise serverless metadata
     return AllFuncs
@@ -744,7 +744,7 @@ def fix_my_functions(fAllFunctions, fRuntime, fNewRuntime, fForceDelete, fTiming
         if fTiming:
             print(ERASE_LINE)
             print(
-                f"{Fore.GREEN}Fixing {len(return_response)} functions took {time() - begin_fix_time:.3f} seconds{Fore.RESET}"
+                f"[green]Fixing {len(return_response)} functions took {time() - begin_fix_time:.3f} seconds"
             )
 
     # Return operation results for enterprise reporting and audit trail
@@ -869,7 +869,7 @@ if __name__ == "__main__":
     # Display performance timing metrics for operational optimization and SLA compliance
     if pTiming:
         print(ERASE_LINE)
-        print(f"{Fore.GREEN}This script took {time() - begin_time:.3f} seconds{Fore.RESET}")
+        print(f"[green]This script took {time() - begin_time:.3f} seconds")
 
     print(ERASE_LINE)
 

runbooks/inventory/list_org_accounts.py

@@ -71,12 +71,10 @@ from time import time
 from ArgumentsClass import CommonArguments
 
 # from botocore.exceptions import ClientError, NoCredentialsError, InvalidConfigError
-from colorama import Fore, Style, init
+from runbooks.common.rich_utils import console
 from Inventory_Modules import display_results, get_org_accounts_from_profiles, get_profiles
 
-init()
 __version__ = "2024.05.08"
-ERASE_LINE = "\x1b[2K"
 begin_time = time()
 
 
@@ -251,7 +249,7 @@ def all_my_orgs(
     # Print out the results
     if f_Timing:
         print()
-        print(f"It's taken {Fore.GREEN}{time() - begin_time:.2f}{Fore.RESET} seconds to find profile accounts...")
+        print(f"It's taken [green]{time() - begin_time:.2f} seconds to find profile accounts...")
         print()
     fmt = "%-23s %-15s %-15s %-12s %-10s"
     print("<------------------------------------>")
@@ -278,7 +276,7 @@ def all_my_orgs(
                 else:
                     logging.info(f"{item['profile']} was successful.")
                     print(
-                        f"{Fore.RED if item['RootAcct'] else ''}{item['profile']:23s} {item['aws_acct'].acct_number:15s} {item['MgmtAccount']:15s} {str(item['OrgId']):12s} {item['RootAcct']}{Fore.RESET}"
+                        f"{Fore.RED if item['RootAcct'] else ''}{item['profile']:23s} {item['aws_acct'].acct_number:15s} {item['MgmtAccount']:15s} {str(item['OrgId']):12s} {item['RootAcct']}"
                     )
             except TypeError as my_Error:
                 logging.error(f"Error - {my_Error} on {item}")
@@ -339,14 +337,14 @@ def all_my_orgs(
             for item in AllProfileAccounts:
                 if item["Success"] and item["RootAcct"]:
                     print(
-                        f"{item['profile']:{ProfileNameLength}s} {Style.BRIGHT}{item['MgmtAccount']:15s}{Style.RESET_ALL}"
+                        f"{item['profile']:{ProfileNameLength}s} [bold]{item['MgmtAccount']:15s}"
                     )
                     print(
                         f"\t{'Child Account Number':{len('Child Account Number')}s} {'Child Account Status':{len('Child Account Status')}s} {'Child Email Address'}"
                     )
                     for child_acct in item["aws_acct"].ChildAccounts:
                         print(
-                            f"\t{Fore.RED if not child_acct['AccountStatus'] == 'ACTIVE' else ''}{child_acct['AccountId']:{len('Child Account Number')}s} {child_acct['AccountStatus']:{len('Child Account Status')}s} {child_acct['AccountEmail']}{Fore.RESET}"
+                            f"\t{Fore.RED if not child_acct['AccountStatus'] == 'ACTIVE' else ''}{child_acct['AccountId']:{len('Child Account Number')}s} {child_acct['AccountStatus']:{len('Child Account Status')}s} {child_acct['AccountEmail']}"
                         )
 
         elif f_SaveFilename is not None:
@@ -440,7 +438,7 @@ if __name__ == "__main__":
 
     print()
     if pTiming:
-        print(f"{Fore.GREEN}This script took {time() - begin_time:.2f} seconds{Fore.RESET}")
+        print(f"[green]This script took {time() - begin_time:.2f} seconds")
         print()
     print("Thanks for using this script")
     print()

runbooks/inventory/list_org_accounts_users.py

@@ -97,7 +97,7 @@ from time import time
 
 from ArgumentsClass import CommonArguments
 from botocore.exceptions import ClientError
-from colorama import Fore, init
+from runbooks.common.rich_utils import console
 from Inventory_Modules import (
     display_results,
     find_iam_users2,
@@ -105,11 +105,10 @@ from Inventory_Modules import (
     find_idc_users2,
     get_all_credentials,
 )
-from tqdm.auto import tqdm
+# Migrated to Rich.Progress - see rich_utils.py for enterprise UX standards
+# from tqdm.auto import tqdm
 
-init()
 __version__ = "2024.05.09"
-ERASE_LINE = "\x1b[2K"
 begin_time = time()
 
 
@@ -253,46 +252,58 @@ def find_all_org_users(f_credentials, f_IDC: bool, f_IAM: bool) -> list:
     User_List = []
     directories_seen = set()
 
+    # Import Rich display utilities for professional progress tracking
+    from runbooks.common.rich_utils import create_progress_bar
+
     # TODO: Enhance with multi-threading for improved performance across large organizations
-    for credential in tqdm(
-        f_credentials, desc=f"Looking for users across {len(f_credentials)} Accounts", unit=" accounts"
-    ):
-        # Skip credentials that failed validation
-        if not credential["Success"]:
-            logging.info(f"{credential['ErrorMessage']} with roles: {credential['RolesTried']}")
-            continue
-
-        # Discover traditional IAM users if requested
-        if f_IAM:
-            try:
-                # Call inventory module to discover IAM users in this account
-                User_List.extend(find_iam_users2(credential))
-                # Optional verbose logging for user discovery progress (currently commented)
-                # logging.info(f"{ERASE_LINE}Account: {credential['AccountId']} Found {len(User_List)} users")
-            except ClientError as my_Error:
-                # Handle IAM API authorization failures gracefully
-                if "AuthFailure" in str(my_Error):
-                    logging.error(f"{ERASE_LINE}{credential}: Authorization Failure")
-
-        # Discover AWS Identity Center users if requested
-        if f_IDC:
-            try:
-                # Find out if this account hosts an Identity Center with a user directory
-                directory_ids = find_idc_directory_id2(credential)
-                for directory_instance_id in directory_ids:
-                    # Directory deduplication: if we've already interrogated this directory, skip it
-                    if directory_instance_id in directories_seen:
-                        continue
-                    else:
-                        # Mark this directory as processed and discover users
-                        directories_seen.update(directory_ids)
-                        User_List.extend(find_idc_users2(credential, directory_instance_id))
-                # Optional verbose logging for user discovery progress (currently commented)
-                # logging.info(f"{ERASE_LINE}Account: {credential['AccountId']} Found {len(User_List)} users")
-            except ClientError as my_Error:
-                # Handle Identity Center API authorization failures gracefully
-                if "AuthFailure" in str(my_Error):
-                    logging.error(f"{ERASE_LINE}{credential}: Authorization Failure")
+    with create_progress_bar() as progress:
+        task = progress.add_task(
+            f"[cyan]Looking for users across {len(f_credentials)} Accounts...",
+            total=len(f_credentials)
+        )
+
+        for credential in f_credentials:
+            # Skip credentials that failed validation
+            if not credential["Success"]:
+                logging.info(f"{credential['ErrorMessage']} with roles: {credential['RolesTried']}")
+                progress.update(task, advance=1)
+                continue
+
+            # Discover traditional IAM users if requested
+            if f_IAM:
+                try:
+                    # Call inventory module to discover IAM users in this account
+                    User_List.extend(find_iam_users2(credential))
+                    # Optional verbose logging for user discovery progress (currently commented)
+                    # logging.info(f"{ERASE_LINE}Account: {credential['AccountId']} Found {len(User_List)} users")
+                except ClientError as my_Error:
+                    # Handle IAM API authorization failures gracefully
+                    if "AuthFailure" in str(my_Error):
+                        logging.error(f"{ERASE_LINE}{credential}: Authorization Failure")
+
+            # Discover AWS Identity Center users if requested
+            if f_IDC:
+                try:
+                    # Find out if this account hosts an Identity Center with a user directory
+                    directory_ids = find_idc_directory_id2(credential)
+                    for directory_instance_id in directory_ids:
+                        # Directory deduplication: if we've already interrogated this directory, skip it
+                        if directory_instance_id in directories_seen:
+                            continue
+                        else:
+                            # Mark this directory as processed and discover users
+                            directories_seen.update(directory_ids)
+                            User_List.extend(find_idc_users2(credential, directory_instance_id))
+                    # Optional verbose logging for user discovery progress (currently commented)
+                    # logging.info(f"{ERASE_LINE}Account: {credential['AccountId']} Found {len(User_List)} users")
+                except ClientError as my_Error:
+                    # Handle Identity Center API authorization failures gracefully
+                    if "AuthFailure" in str(my_Error):
+                        logging.error(f"{ERASE_LINE}{credential}: Authorization Failure")
+
+            # Update progress after processing each credential
+            progress.update(task, advance=1)
+
     return User_List
 
 
@@ -344,7 +355,7 @@ if __name__ == "__main__":
     display_results(sorted_UserListing, display_dict, "N/A", pFilename)
     if pTiming:
         print(ERASE_LINE)
-        print(f"{Fore.GREEN}This script took {time() - begin_time:.2f} seconds{Fore.RESET}")
+        print(f"[green]This script took {time() - begin_time:.2f} seconds")
     print(ERASE_LINE)
     print(
         f"Found {len(UserListing)} users across {len(SuccessfulAccountAccesses)} account{'' if len(SuccessfulAccountAccesses) == 1 else 's'}"