runbooks 1.1.7__py3-none-any.whl → 1.1.10__py3-none-any.whl

Files changed (113)
  1. runbooks/__init__.py +1 -1
  2. runbooks/__init___optimized.py +2 -1
  3. runbooks/_platform/__init__.py +1 -1
  4. runbooks/cfat/cli.py +4 -3
  5. runbooks/cfat/cloud_foundations_assessment.py +1 -2
  6. runbooks/cfat/tests/test_cli.py +4 -1
  7. runbooks/cli/commands/finops.py +68 -19
  8. runbooks/cli/commands/inventory.py +838 -14
  9. runbooks/cli/commands/operate.py +65 -4
  10. runbooks/cli/commands/vpc.py +1 -1
  11. runbooks/cloudops/cost_optimizer.py +1 -3
  12. runbooks/common/cli_decorators.py +6 -4
  13. runbooks/common/config_loader.py +787 -0
  14. runbooks/common/config_schema.py +280 -0
  15. runbooks/common/dry_run_framework.py +14 -2
  16. runbooks/common/mcp_integration.py +238 -0
  17. runbooks/finops/ebs_cost_optimizer.py +7 -4
  18. runbooks/finops/elastic_ip_optimizer.py +7 -4
  19. runbooks/finops/infrastructure/__init__.py +3 -2
  20. runbooks/finops/infrastructure/commands.py +7 -4
  21. runbooks/finops/infrastructure/load_balancer_optimizer.py +7 -4
  22. runbooks/finops/infrastructure/vpc_endpoint_optimizer.py +7 -4
  23. runbooks/finops/nat_gateway_optimizer.py +7 -4
  24. runbooks/finops/tests/run_tests.py +1 -1
  25. runbooks/inventory/ArgumentsClass.py +2 -1
  26. runbooks/inventory/CLAUDE.md +41 -0
  27. runbooks/inventory/README.md +210 -2
  28. runbooks/inventory/Tests/test_Inventory_Modules.py +27 -10
  29. runbooks/inventory/Tests/test_cfn_describe_stacks.py +18 -7
  30. runbooks/inventory/Tests/test_ec2_describe_instances.py +30 -15
  31. runbooks/inventory/Tests/test_lambda_list_functions.py +17 -3
  32. runbooks/inventory/Tests/test_org_list_accounts.py +17 -4
  33. runbooks/inventory/account_class.py +0 -1
  34. runbooks/inventory/all_my_instances_wrapper.py +4 -8
  35. runbooks/inventory/aws_organization.png +0 -0
  36. runbooks/inventory/check_cloudtrail_compliance.py +4 -4
  37. runbooks/inventory/check_controltower_readiness.py +50 -47
  38. runbooks/inventory/check_landingzone_readiness.py +35 -31
  39. runbooks/inventory/cloud_foundations_integration.py +8 -3
  40. runbooks/inventory/collectors/aws_compute.py +59 -11
  41. runbooks/inventory/collectors/aws_management.py +39 -5
  42. runbooks/inventory/core/collector.py +1655 -159
  43. runbooks/inventory/core/concurrent_paginator.py +511 -0
  44. runbooks/inventory/discovery.md +15 -6
  45. runbooks/inventory/{draw_org_structure.py → draw_org.py} +55 -9
  46. runbooks/inventory/drift_detection_cli.py +8 -68
  47. runbooks/inventory/find_cfn_drift_detection.py +14 -4
  48. runbooks/inventory/find_cfn_orphaned_stacks.py +7 -5
  49. runbooks/inventory/find_cfn_stackset_drift.py +5 -5
  50. runbooks/inventory/find_ec2_security_groups.py +6 -3
  51. runbooks/inventory/find_landingzone_versions.py +5 -5
  52. runbooks/inventory/find_vpc_flow_logs.py +5 -5
  53. runbooks/inventory/inventory.sh +20 -7
  54. runbooks/inventory/inventory_mcp_cli.py +4 -0
  55. runbooks/inventory/inventory_modules.py +9 -7
  56. runbooks/inventory/list_cfn_stacks.py +18 -8
  57. runbooks/inventory/list_cfn_stackset_operation_results.py +2 -2
  58. runbooks/inventory/list_cfn_stackset_operations.py +32 -20
  59. runbooks/inventory/list_cfn_stacksets.py +7 -4
  60. runbooks/inventory/list_config_recorders_delivery_channels.py +4 -4
  61. runbooks/inventory/list_ds_directories.py +3 -3
  62. runbooks/inventory/list_ec2_availability_zones.py +7 -3
  63. runbooks/inventory/list_ec2_ebs_volumes.py +3 -3
  64. runbooks/inventory/list_ec2_instances.py +1 -1
  65. runbooks/inventory/list_ecs_clusters_and_tasks.py +8 -4
  66. runbooks/inventory/list_elbs_load_balancers.py +7 -3
  67. runbooks/inventory/list_enis_network_interfaces.py +3 -3
  68. runbooks/inventory/list_guardduty_detectors.py +9 -5
  69. runbooks/inventory/list_iam_policies.py +7 -3
  70. runbooks/inventory/list_iam_roles.py +3 -3
  71. runbooks/inventory/list_iam_saml_providers.py +8 -4
  72. runbooks/inventory/list_lambda_functions.py +8 -4
  73. runbooks/inventory/list_org_accounts.py +306 -276
  74. runbooks/inventory/list_org_accounts_users.py +45 -9
  75. runbooks/inventory/list_rds_db_instances.py +4 -4
  76. runbooks/inventory/list_route53_hosted_zones.py +3 -3
  77. runbooks/inventory/list_servicecatalog_provisioned_products.py +5 -5
  78. runbooks/inventory/list_sns_topics.py +4 -4
  79. runbooks/inventory/list_ssm_parameters.py +6 -3
  80. runbooks/inventory/list_vpc_subnets.py +8 -4
  81. runbooks/inventory/list_vpcs.py +15 -4
  82. runbooks/inventory/mcp_inventory_validator.py +771 -134
  83. runbooks/inventory/mcp_vpc_validator.py +6 -0
  84. runbooks/inventory/organizations_discovery.py +17 -3
  85. runbooks/inventory/organizations_utils.py +553 -0
  86. runbooks/inventory/output_formatters.py +422 -0
  87. runbooks/inventory/recover_cfn_stack_ids.py +5 -5
  88. runbooks/inventory/run_on_multi_accounts.py +3 -3
  89. runbooks/inventory/tag_coverage.py +481 -0
  90. runbooks/inventory/validation_utils.py +358 -0
  91. runbooks/inventory/verify_ec2_security_groups.py +18 -5
  92. runbooks/inventory/vpc_architecture_validator.py +7 -1
  93. runbooks/inventory/vpc_dependency_analyzer.py +6 -0
  94. runbooks/main_final.py +2 -2
  95. runbooks/main_ultra_minimal.py +2 -2
  96. runbooks/mcp/integration.py +6 -4
  97. runbooks/remediation/acm_remediation.py +2 -2
  98. runbooks/remediation/cloudtrail_remediation.py +2 -2
  99. runbooks/remediation/cognito_remediation.py +2 -2
  100. runbooks/remediation/dynamodb_remediation.py +2 -2
  101. runbooks/remediation/ec2_remediation.py +2 -2
  102. runbooks/remediation/kms_remediation.py +2 -2
  103. runbooks/remediation/lambda_remediation.py +2 -2
  104. runbooks/remediation/rds_remediation.py +2 -2
  105. runbooks/remediation/s3_remediation.py +1 -1
  106. runbooks/vpc/cloudtrail_audit_integration.py +1 -1
  107. {runbooks-1.1.7.dist-info → runbooks-1.1.10.dist-info}/METADATA +74 -4
  108. {runbooks-1.1.7.dist-info → runbooks-1.1.10.dist-info}/RECORD +112 -105
  109. runbooks/__init__.py.backup +0 -134
  110. {runbooks-1.1.7.dist-info → runbooks-1.1.10.dist-info}/WHEEL +0 -0
  111. {runbooks-1.1.7.dist-info → runbooks-1.1.10.dist-info}/entry_points.txt +0 -0
  112. {runbooks-1.1.7.dist-info → runbooks-1.1.10.dist-info}/licenses/LICENSE +0 -0
  113. {runbooks-1.1.7.dist-info → runbooks-1.1.10.dist-info}/top_level.txt +0 -0
@@ -9,15 +9,23 @@ AWS Identity Center (formerly AWS SSO) user management. It's designed for enterp
9
9
  identity and access management teams who need complete visibility into user distribution,
10
10
  access patterns, and identity governance across large-scale multi-account deployments.
11
11
 
12
+ **AWS API Mapping**: `iam.list_users()`, `identitystore.list_users()`, `sso-admin.list_instances()`
13
+
12
14
  Key Features:
13
15
  - Multi-account user discovery using assume role capabilities across AWS Organizations
14
16
  - Dual identity source support: IAM users and AWS Identity Center users
15
17
  - Comprehensive user metadata extraction with last access tracking
16
18
  - Cross-account user enumeration with organizational hierarchy mapping
17
19
  - Identity Center directory deduplication for efficient discovery
18
- - Enterprise reporting with CSV export and structured output
20
+ - Multi-format export (JSON, CSV, Markdown, Table)
19
21
  - Profile-based authentication with support for federated access
20
22
 
23
+ Architecture (v1.1.10):
24
+ - Group-level with --all-profiles pattern (Option B)
25
+ - Shared utilities integration (organizations_utils.py + output_formatters.py)
26
+ - Modern CLI + Legacy Python Main dual compatibility
27
+ - Rich CLI output with enterprise UX standards
28
+
21
29
  Enterprise Use Cases:
22
30
  - Identity governance and user access auditing across organizations
23
31
  - User lifecycle management and access certification processes
@@ -70,8 +78,8 @@ Dependencies:
70
78
  - boto3/botocore for AWS IAM and Identity Center API interactions
71
79
  - ArgumentsClass for standardized CLI argument parsing
72
80
  - Inventory_Modules for common utility functions and credential management
73
- - colorama for enhanced output formatting
74
- - tqdm for progress tracking during user discovery
81
+ - Rich CLI for enhanced output formatting
82
+ - Progress bars for discovery tracking
75
83
 
76
84
  Compliance and Audit Features:
77
85
  - Comprehensive user discovery for identity governance auditing
@@ -80,6 +88,29 @@ Compliance and Audit Features:
80
88
  - Identity lifecycle tracking for governance and compliance management
81
89
  - User attribute and metadata extraction for compliance reporting
82
90
 
91
+ Example (Modern CLI):
92
+ Multi-account user discovery:
93
+ ```bash
94
+ runbooks inventory --all-profiles $MANAGEMENT_PROFILE list-org-users
95
+ ```
96
+
97
+ Brief listing with timing:
98
+ ```bash
99
+ runbooks inventory --profile mgmt list-org-users --short --timing
100
+ ```
101
+
102
+ Identity Center only:
103
+ ```bash
104
+ runbooks inventory --profile mgmt list-org-users --idc --export-format csv
105
+ ```
106
+
107
+ Example (Legacy Python Main):
108
+ ```bash
109
+ python src/runbooks/inventory/list_org_accounts_users.py --profile my-org-profile
110
+ python src/runbooks/inventory/list_org_accounts_users.py --profile my-profile --idc
111
+ python src/runbooks/inventory/list_org_accounts_users.py --rootonly --iam
112
+ ```
113
+
83
114
  Future Enhancements:
84
115
  - Multi-threading for improved performance across large organizations
85
116
  - User access pattern analysis and behavioral analytics
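Review bot: The "Example (Legacy Python Main)" block added to the docstring (new lines 107-112) documents running the file by path, `python src/runbooks/inventory/list_org_accounts_users.py --profile my-org-profile`, while the import hunk further down replaces the bare `ArgumentsClass` / `Inventory_Modules` imports with `runbooks.inventory.*` ones. When the file is run by path, Python puts the script's own directory first on `sys.path`, so those imports resolve only against whatever `runbooks` distribution is installed, which may not be the checkout being executed. Documenting `python -m runbooks.inventory.list_org_accounts_users --profile my-org-profile` would keep the example and the imports on the same code. This assumes the module keeps a `__main__` guard, which is outside the hunk.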
@@ -87,28 +118,33 @@ Future Enhancements:
87
118
  - User optimization recommendations for identity governance
88
119
 
89
120
  Author: AWS CloudOps Team
90
- Version: 2024.05.09
121
+ Version: 1.1.10 (v1.1.10 parameter patterns + shared utilities)
91
122
  """
92
123
 
93
124
  import logging
94
125
  import sys
95
126
  from os.path import split
96
127
  from time import time
128
+ from typing import Dict, List, Optional
97
129
 
98
- from ArgumentsClass import CommonArguments
130
+ from runbooks.inventory.ArgumentsClass import CommonArguments
99
131
  from botocore.exceptions import ClientError
100
- from runbooks.common.rich_utils import console
101
- from Inventory_Modules import (
132
+ from runbooks.common.rich_utils import console, print_header, print_success, print_error, print_info
133
+ from runbooks.inventory.inventory_modules import (
102
134
  display_results,
103
135
  find_iam_users2,
104
136
  find_idc_directory_id2,
105
137
  find_idc_users2,
106
138
  get_all_credentials,
107
139
  )
140
+ from runbooks import __version__
141
+
142
+ logger = logging.getLogger(__name__)
143
+
144
+ # Terminal control constants
145
+ ERASE_LINE = '\x1b[2K'
108
146
  # Migrated to Rich.Progress - see rich_utils.py for enterprise UX standards
109
- # from tqdm.auto import tqdm
110
147
 
111
- __version__ = "2024.05.09"
112
148
  begin_time = time()
113
149
 
114
150
 
@@ -62,15 +62,15 @@ from queue import Queue
62
62
  from threading import Thread
63
63
  from time import time
64
64
 
65
- import Inventory_Modules
66
- from ArgumentsClass import CommonArguments
65
+ from runbooks.inventory import inventory_modules as Inventory_Modules
66
+ from runbooks.inventory.ArgumentsClass import CommonArguments
67
67
  from botocore.exceptions import ClientError
68
68
  from runbooks.common.rich_utils import console
69
- from Inventory_Modules import display_results, find_account_rds_instances2, get_all_credentials
69
+ from runbooks.inventory.inventory_modules import display_results, find_account_rds_instances2, get_all_credentials
70
70
  from runbooks.common.rich_utils import create_progress_bar
71
+ from runbooks import __version__
71
72
 
72
73
 
73
- __version__ = "2025.04.09"
74
74
 
75
75
 
76
76
  ##################
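Review bot: `from runbooks import __version__` (new line 71) is added in a module that itself lives under the `runbooks` package, so it only works if `runbooks/__init__.py` has already bound `__version__` by the time anything imports this module. If `__init__.py` eagerly imports inventory code before that assignment, the import fails on a partially initialised package. `__init__.py` is not visible here, so the ordering needs checking. Reading the value where it is printed with `importlib.metadata.version("runbooks")` would remove the dependency. The same line is added in the hunks at `@@ -87,28 +118,33 @@`, `@@ -55,12 +55,12 @@`, `@@ -93,15 +93,15 @@`, `@@ -66,13 +66,13 @@`, `@@ -62,14 +62,17 @@`, `@@ -73,13 +73,17 @@` and `@@ -59,13 +66,17 @@`.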
@@ -55,12 +55,12 @@ from queue import Queue
55
55
  from threading import Thread
56
56
  from time import time
57
57
 
58
- from ArgumentsClass import CommonArguments
58
+ from runbooks.inventory.ArgumentsClass import CommonArguments
59
59
  from botocore.exceptions import ClientError
60
60
  from runbooks.common.rich_utils import console
61
- from Inventory_Modules import display_results, find_private_hosted_zones2, get_all_credentials
61
+ from runbooks.inventory.inventory_modules import display_results, find_private_hosted_zones2, get_all_credentials
62
+ from runbooks import __version__
62
63
 
63
- __version__ = "2023.11.08"
64
64
 
65
65
  ########################
66
66
 
@@ -93,15 +93,15 @@ from queue import Queue
93
93
  from threading import Thread
94
94
  from time import time
95
95
 
96
- import Inventory_Modules
97
- from account_class import aws_acct_access
98
- from ArgumentsClass import CommonArguments
96
+ from runbooks.inventory import inventory_modules as Inventory_Modules
97
+ from runbooks.inventory.account_class import aws_acct_access
98
+ from runbooks.inventory.ArgumentsClass import CommonArguments
99
99
  from botocore.exceptions import ClientError, ProfileNotFound, UnknownCredentialError, UnknownRegionError
100
100
  from runbooks.common.rich_utils import console
101
- from Inventory_Modules import display_results
101
+ from runbooks.inventory.inventory_modules import display_results
102
102
  from runbooks.common.rich_utils import create_progress_bar
103
+ from runbooks import __version__
103
104
 
104
- __version__ = "2023.08.09"
105
105
 
106
106
  parser = CommonArguments()
107
107
  parser.singleprofile()
@@ -66,13 +66,13 @@ from queue import Queue
66
66
  from threading import Thread
67
67
  from time import time
68
68
 
69
- import Inventory_Modules
70
- from ArgumentsClass import CommonArguments
69
+ from runbooks.inventory import inventory_modules as Inventory_Modules
70
+ from runbooks.inventory.ArgumentsClass import CommonArguments
71
71
  from botocore.exceptions import ClientError
72
72
  from runbooks.common.rich_utils import console
73
- from Inventory_Modules import display_results, get_all_credentials
73
+ from runbooks.inventory.inventory_modules import display_results, get_all_credentials
74
+ from runbooks import __version__
74
75
 
75
- __version__ = "2023.11.08"
76
76
  begin_time = time()
77
77
 
78
78
 
@@ -62,14 +62,17 @@ from datetime import datetime, timedelta, timezone
62
62
  from os.path import split
63
63
  from time import time
64
64
 
65
- from ArgumentsClass import CommonArguments
65
+ from runbooks.inventory.ArgumentsClass import CommonArguments
66
66
  from botocore.exceptions import ClientError
67
67
  from runbooks.common.rich_utils import console
68
- from Inventory_Modules import display_results, find_ssm_parameters2, get_all_credentials
68
+ from runbooks.inventory.inventory_modules import display_results, find_ssm_parameters2, get_all_credentials
69
+ from runbooks import __version__
69
70
 
70
- __version__ = "2024.05.07"
71
71
  begin_time = time()
72
72
 
73
+ # ANSI escape sequence for terminal line clearing in progress display
74
+ ERASE_LINE = "\x1b[2K"
75
+
73
76
 
74
77
  ##################
75
78
  # Functions
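Review bot: `ERASE_LINE = "\x1b[2K"` (new line 74) is a raw ANSI escape defined per module, and the same constant is added with single quotes in the hunks at `@@ -87,28 +118,33 @@`, `@@ -73,13 +73,17 @@` and `@@ -59,13 +66,17 @@`. Each of these modules already imports `console` from `runbooks.common.rich_utils`, so the constant should either be defined once there or dropped in favour of Rich's own line handling. Where it is printed is outside the hunk, but writing the escape directly puts control bytes into redirected output and captured logs when stdout is not a terminal. If it stays, a comment such as `# only emit when sys.stdout.isatty()` next to the definition would make the constraint explicit.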
@@ -73,13 +73,17 @@ from queue import Queue
73
73
  from threading import Thread
74
74
  from time import time
75
75
 
76
- import Inventory_Modules
77
- from ArgumentsClass import CommonArguments
76
+ from runbooks.inventory import inventory_modules as Inventory_Modules
77
+ from runbooks.inventory.ArgumentsClass import CommonArguments
78
78
  from botocore.exceptions import ClientError
79
79
  from runbooks.common.rich_utils import console
80
- from Inventory_Modules import display_results, get_all_credentials
80
+ from runbooks.inventory.inventory_modules import display_results, get_all_credentials
81
+ from runbooks import __version__
81
82
 
82
- __version__ = "2024.10.24"
83
+
84
+
85
+ # Terminal control constants
86
+ ERASE_LINE = '\x1b[2K'
83
87
 
84
88
  # TODO: Add Elastic IPs to this script as well.
85
89
 
@@ -8,6 +8,13 @@ filtering for default VPCs to identify potential security risks.
8
8
 
9
9
  **AWS API Mapping**: `boto3.client('ec2').describe_vpcs()`
10
10
 
11
+ .. TODO v1.1.11: Performance optimization for large-scale VPC discovery
12
+ - Current: Timeouts at 540s for AWS Organizations with 100+ accounts
13
+ - Root Cause: Threading pool size (max 25) insufficient for large-scale discovery
14
+ - Improvement: Dynamic ThreadPoolExecutor sizing + concurrent pagination
15
+ - Target: Complete VPC discovery in <120s for 100+ accounts across 16 regions
16
+ - Reference: FinOps proven pattern (optimal_workers = min(accounts * regions, 50))
17
+
11
18
  Features:
12
19
  - Multi-account VPC discovery via AWS Organizations
13
20
  - Default VPC identification for security auditing
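Review bot: The TODO added to the module docstring (new lines 11-16) records that discovery times out at 540s for organizations with 100+ accounts, but it does not say what the caller gets when that happens. The docstring presents this script as a default-VPC security audit, so a run that stops early could be read as "no default VPCs found" for accounts that were never scanned. I would add a line such as `- Impact: a timed-out run may cover only some accounts/regions; treat the result as incomplete`. The code outside this hunk should also be checked to confirm that unscanned accounts are reported. The proposed `min(accounts * regions, 50)` worker count should be weighed against EC2 API throttling before it is adopted.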
@@ -59,13 +66,17 @@ from queue import Queue
59
66
  from threading import Thread
60
67
  from time import time
61
68
 
62
- import Inventory_Modules
63
- from ArgumentsClass import CommonArguments
69
+ from runbooks.inventory import inventory_modules as Inventory_Modules
70
+ from runbooks.inventory.ArgumentsClass import CommonArguments
64
71
  from botocore.exceptions import ClientError
65
- from Inventory_Modules import display_results, get_all_credentials
72
+ from runbooks.inventory.inventory_modules import display_results, get_all_credentials
66
73
  from runbooks.common.rich_utils import console
74
+ from runbooks import __version__
75
+
76
+
67
77
 
68
- __version__ = "2024.01.26"
78
+ # Terminal control constants
79
+ ERASE_LINE = '\x1b[2K'
69
80
 
70
81
 
71
82
  ##########################