Autodetect enabled regions

aws-solutions / account-assessment-for-aws-organizations

Account Assessment for AWS Organizations programmatically scans all AWS accounts in an AWS Organization for identity-based and resource-based policies with Organization-based conditions.

Apache License 2.0

28 stars 10 forks source link

Autodetect enabled regions #5

Closed devt closed 8 months ago

devt commented 1 year ago

Issue #4

Autodetect regions: If user does not provide a list of regions (or selects 'ALL') we make a call to ec2.describe_regions() (new function get_regions_for_account) for each account to determine the list of all regions which are enabled for the particular account

Please, note I have not tested this code

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

groverlalit commented 1 year ago

Thanks for opening this PR. We will review this in the next release cycle.

groverlalit commented 8 months ago

We have reviewed this PR. We will be supporting this feature request. However, we will implement list_regions API call using 'account' client instead of describe_regions using 'ec2' client.

The prefer to use list_regions API because it allows us to provide RegionOptStatusContains=['ENABLED'|'ENABLED_BY_DEFAULT']

groverlalit commented 8 months ago

Closing this PR.