Reasoning: My CloudTrail log path may not always be AWSLogs/{account_id}/CloudTrail
2. Ability to handle scenario wherein an organization may have multiple accounts and CloudTrail logs are stored in a centralized manner in a particular account
For example, we have three accounts account_1, account_2, and account_3. account_1 and account_2 are my prod & dev accounts respectively. account_3 is my monitoring account where I have a custom Lambda for pulling in CloudTrail logs from account_1 and account_2 and storing in an S3 bucket in account_3.
When running queries, cloudtracker would need to interact with both the target account (prod or dev) and account_3.
3. Ability to generate reports in json/csv format
This will help feed results into tools like Splunk.
4. Ability to provide a --profile argument while executing cloudtracker
Reasoning: My AWS credentials may be stored in a profile other than default
Have a few feature requests that will make my life easier and not have me refactor/rewrite the code.
If some or all of these are already covered by some existing functionality, I apologize for missing it.
1. Ability to modify the CloudTrail log path mentioned in athena.py
cloudtrail_log_path = 's3://{bucket}/{path}/AWSLogs/{account_id}/CloudTrail'
Reasoning: My CloudTrail log path may not always be
AWSLogs/{account_id}/CloudTrail
2. Ability to handle scenario wherein an organization may have multiple accounts and CloudTrail logs are stored in a centralized manner in a particular account
For example, we have three accounts
account_1
,account_2
, andaccount_3
.account_1
andaccount_2
are my prod & dev accounts respectively.account_3
is my monitoring account where I have a custom Lambda for pulling in CloudTrail logs fromaccount_1
andaccount_2
and storing in an S3 bucket inaccount_3
.When running queries, cloudtracker would need to interact with both the target account (prod or dev) and
account_3
.3. Ability to generate reports in json/csv format
This will help feed results into tools like Splunk.
4. Ability to provide a
--profile
argument while executing cloudtrackerReasoning: My AWS credentials may be stored in a profile other than default