Script fails when execution on unused region is disallowed.

[behemphi]

[boydhemphill@Boyds-MBP ~/code/scripts] [PROD]$./lw_aws_inventory.sh -p  contrast-production
eu-north-1

An error occurred (UnauthorizedOperation) when calling the DescribeInstances operation: You are not authorized to perform this operation.
./lw_aws_inventory.sh: line 78: 0 + : syntax error: operand expected (error token is " ")

We lock down unused regions, even to ourselves. Thus the script fails.

Recommend that user be able to specify regions as a list manually.

[michaelgutierrez0]

I tried to run this script using AWS cloudshell and was unsuccessful. These are the steps to reproduce:

Login to AWS management console using admin permissions. Go to AWS CloudShell service Click Actions Upload file. Then upload the file from here: https://github.com/lacework-dev/scripts/blob/main/bash/lw_aws_inventory.sh Run the file using ./lw_aws_inventory.sh

I get these results: [cloudshell-user@ip-10-0-27-187 ~]$ ./lw_aws_inventory.sh ###################################################################### Lacework inventory collection complete.

EC2 Instances: 0 RDS Instances: 0 Redshift Clusters: 0 v1 Load Balancers: 0 v2 Load Balancers: 0 NAT Gateways: 0

Total Resources:

Fargate Information

ECS Fargate Clusters: 0 ECS Fargate Running Containers/Tasks: 0

Additional Serverless Inventory Details (NOT included in Total Resources count above):

Lambda Functions Exist: No [cloudshell-user@ip-10-0-27-187 ~]$

These are not accurate. I think the script might be failing for the same reason as this GitHub issue: https://github.com/lacework-dev/scripts/issues/12 . We use control tower to deny access to all regions except for us-east-1, ap-northeast-1, and us-west-2 (https://aws.amazon.com/blogs/aws/new-for-aws-control-tower-region-deny-and-guardrails-to-help-you-meet-data-residency-requirements/).