|
#!/bin/bash |
|
|
|
echo "=== AWS Account Resource Scan ===" |
|
echo "Account: $(aws sts get-caller-identity --query Account --output text)" |
|
echo "" |
|
|
|
# Get list of all enabled regions |
|
echo "Fetching regions..." |
|
REGIONS=$(aws ec2 describe-regions --region us-east-1 \ |
|
--filters "Name=opt-in-status,Values=opt-in-not-required,opted-in" \ |
|
--query 'Regions[*].RegionName' --output text 2>/dev/null) |
|
|
|
if [ -z "$REGIONS" ]; then |
|
echo "Error: Could not fetch regions. Check your AWS credentials and permissions." |
|
exit 1 |
|
fi |
|
|
|
echo "Scanning regions: $REGIONS" |
|
echo "" |
|
|
|
# S3 Buckets (global service, no region needed) |
|
echo "=== S3 Buckets ===" |
|
s3_output=$(aws s3 ls 2>/dev/null) |
|
if [ -n "$s3_output" ]; then |
|
echo "$s3_output" |
|
else |
|
echo "No S3 Buckets found" |
|
fi |
|
|
|
# EC2 Instances |
|
echo -e "\n=== EC2 Instances ===" |
|
found_ec2=false |
|
for region in $REGIONS; do |
|
instances=$(aws ec2 describe-instances --region $region \ |
|
--query 'Reservations[*].Instances[*].[InstanceId,State.Name,Tags[?Key==`Name`].Value|[0]]' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$instances" ]; then |
|
echo "Region: $region" |
|
echo "$instances" |
|
found_ec2=true |
|
fi |
|
done |
|
if [ "$found_ec2" = false ]; then |
|
echo "No EC2 Instances found" |
|
fi |
|
|
|
# RDS Databases |
|
echo -e "\n=== RDS Databases ===" |
|
found_rds=false |
|
for region in $REGIONS; do |
|
dbs=$(aws rds describe-db-instances --region $region \ |
|
--query 'DBInstances[*].[DBInstanceIdentifier,DBInstanceStatus,Engine]' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$dbs" ]; then |
|
echo "Region: $region" |
|
echo "$dbs" |
|
found_rds=true |
|
fi |
|
done |
|
if [ "$found_rds" = false ]; then |
|
echo "No RDS Databases found" |
|
fi |
|
|
|
# Lambda Functions |
|
echo -e "\n=== Lambda Functions ===" |
|
found_lambda=false |
|
for region in $REGIONS; do |
|
funcs=$(aws lambda list-functions --region $region \ |
|
--query 'Functions[*].[FunctionName,Runtime]' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$funcs" ]; then |
|
echo "Region: $region" |
|
echo "$funcs" |
|
found_lambda=true |
|
fi |
|
done |
|
if [ "$found_lambda" = false ]; then |
|
echo "No Lambda Functions found" |
|
fi |
|
|
|
# ECS Clusters |
|
echo -e "\n=== ECS Clusters ===" |
|
found_ecs=false |
|
for region in $REGIONS; do |
|
clusters=$(aws ecs list-clusters --region $region \ |
|
--query 'clusterArns[*]' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$clusters" ]; then |
|
echo "Region: $region" |
|
echo "$clusters" |
|
found_ecs=true |
|
fi |
|
done |
|
if [ "$found_ecs" = false ]; then |
|
echo "No ECS Clusters found" |
|
fi |
|
|
|
# EKS Clusters |
|
echo -e "\n=== EKS Clusters ===" |
|
found_eks=false |
|
for region in $REGIONS; do |
|
eks=$(aws eks list-clusters --region $region \ |
|
--query 'clusters[*]' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$eks" ]; then |
|
echo "Region: $region" |
|
echo "$eks" |
|
found_eks=true |
|
fi |
|
done |
|
if [ "$found_eks" = false ]; then |
|
echo "No EKS Clusters found" |
|
fi |
|
|
|
# DynamoDB Tables |
|
echo -e "\n=== DynamoDB Tables ===" |
|
found_dynamodb=false |
|
for region in $REGIONS; do |
|
tables=$(aws dynamodb list-tables --region $region \ |
|
--query 'TableNames[*]' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$tables" ]; then |
|
echo "Region: $region" |
|
echo "$tables" |
|
found_dynamodb=true |
|
fi |
|
done |
|
if [ "$found_dynamodb" = false ]; then |
|
echo "No DynamoDB Tables found" |
|
fi |
|
|
|
# CloudFormation Stacks |
|
echo -e "\n=== CloudFormation Stacks ===" |
|
found_cfn=false |
|
for region in $REGIONS; do |
|
stacks=$(aws cloudformation list-stacks --region $region \ |
|
--query 'StackSummaries[?StackStatus!=`DELETE_COMPLETE`].[StackName,StackStatus]' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$stacks" ]; then |
|
echo "Region: $region" |
|
echo "$stacks" |
|
found_cfn=true |
|
fi |
|
done |
|
if [ "$found_cfn" = false ]; then |
|
echo "No CloudFormation Stacks found" |
|
fi |
|
|
|
# Elastic Beanstalk |
|
echo -e "\n=== Elastic Beanstalk Applications ===" |
|
found_eb=false |
|
for region in $REGIONS; do |
|
apps=$(aws elasticbeanstalk describe-applications --region $region \ |
|
--query 'Applications[*].ApplicationName' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$apps" ]; then |
|
echo "Region: $region" |
|
echo "$apps" |
|
found_eb=true |
|
fi |
|
done |
|
if [ "$found_eb" = false ]; then |
|
echo "No Elastic Beanstalk Applications found" |
|
fi |
|
|
|
# VPCs |
|
echo -e "\n=== VPCs ===" |
|
found_vpc=false |
|
for region in $REGIONS; do |
|
vpcs=$(aws ec2 describe-vpcs --region $region \ |
|
--query 'Vpcs[*].[VpcId,IsDefault,Tags[?Key==`Name`].Value|[0]]' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$vpcs" ]; then |
|
echo "Region: $region" |
|
echo "$vpcs" |
|
found_vpc=true |
|
fi |
|
done |
|
if [ "$found_vpc" = false ]; then |
|
echo "No VPCs found" |
|
fi |
|
|
|
# Lightsail Instances |
|
echo -e "\n=== Lightsail Instances ===" |
|
found_lightsail=false |
|
# Lightsail has its own region list |
|
lightsail_regions=$(aws lightsail get-regions --query 'regions[*].name' --output text 2>/dev/null) |
|
if [ -n "$lightsail_regions" ]; then |
|
for region in $lightsail_regions; do |
|
instances=$(aws lightsail get-instances --region $region \ |
|
--query 'instances[*].[name,state.name]' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$instances" ]; then |
|
echo "Region: $region" |
|
echo "$instances" |
|
found_lightsail=true |
|
fi |
|
done |
|
fi |
|
if [ "$found_lightsail" = false ]; then |
|
echo "No Lightsail Instances found" |
|
fi |
|
|
|
# ElastiCache |
|
echo -e "\n=== ElastiCache Clusters ===" |
|
found_elasticache=false |
|
for region in $REGIONS; do |
|
clusters=$(aws elasticache describe-cache-clusters --region $region \ |
|
--query 'CacheClusters[*].[CacheClusterId,CacheClusterStatus,Engine]' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$clusters" ]; then |
|
echo "Region: $region" |
|
echo "$clusters" |
|
found_elasticache=true |
|
fi |
|
done |
|
if [ "$found_elasticache" = false ]; then |
|
echo "No ElastiCache Clusters found" |
|
fi |
|
|
|
# Load Balancers (ALB/NLB) |
|
echo -e "\n=== Load Balancers ===" |
|
found_elb=false |
|
for region in $REGIONS; do |
|
lbs=$(aws elbv2 describe-load-balancers --region $region \ |
|
--query 'LoadBalancers[*].[LoadBalancerName,Type,State.Code]' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$lbs" ]; then |
|
echo "Region: $region" |
|
echo "$lbs" |
|
found_elb=true |
|
fi |
|
done |
|
if [ "$found_elb" = false ]; then |
|
echo "No Load Balancers found" |
|
fi |
|
|
|
# Redshift Clusters |
|
echo -e "\n=== Redshift Clusters ===" |
|
found_redshift=false |
|
for region in $REGIONS; do |
|
clusters=$(aws redshift describe-clusters --region $region \ |
|
--query 'Clusters[*].[ClusterIdentifier,ClusterStatus]' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$clusters" ]; then |
|
echo "Region: $region" |
|
echo "$clusters" |
|
found_redshift=true |
|
fi |
|
done |
|
if [ "$found_redshift" = false ]; then |
|
echo "No Redshift Clusters found" |
|
fi |
|
|
|
# SQS Queues |
|
echo -e "\n=== SQS Queues ===" |
|
found_sqs=false |
|
for region in $REGIONS; do |
|
queues=$(aws sqs list-queues --region $region \ |
|
--query 'QueueUrls[*]' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$queues" ]; then |
|
echo "Region: $region" |
|
echo "$queues" |
|
found_sqs=true |
|
fi |
|
done |
|
if [ "$found_sqs" = false ]; then |
|
echo "No SQS Queues found" |
|
fi |
|
|
|
# SNS Topics |
|
echo -e "\n=== SNS Topics ===" |
|
found_sns=false |
|
for region in $REGIONS; do |
|
topics=$(aws sns list-topics --region $region \ |
|
--query 'Topics[*].TopicArn' \ |
|
--output text 2>/dev/null) |
|
if [ -n "$topics" ]; then |
|
echo "Region: $region" |
|
echo "$topics" |
|
found_sns=true |
|
fi |
|
done |
|
if [ "$found_sns" = false ]; then |
|
echo "No SNS Topics found" |
|
fi |
|
|
|
echo -e "\n=== Scan Complete ===" |
