boto3 Access Analyzer list not all findings
Question
I'm trying to list all findings from AWS Access Analyzer and save them to a CSV file. But I always get only 2047 findings, while in the AWS console I see about 7000. I'm using boto3 version 1.26.123.
Below is my code:
```python
from boto3.session import Session
from boto3 import __version__ as vv
from csv import writer

print(vv)

mySession = Session(profile_name='nonprod-security-engine')
conn = mySession.client('accessanalyzer')
paginator = conn.get_paginator('list_findings')

data = []
number = 0
for page in paginator.paginate(
    analyzerArn='arn:aws:access-analyzer:ap-southeast-1:XXXXXXXXX:analyzer/access-analyzer',
    PaginationConfig={
        'PageSize': 100
    }
):
    for finding in page['findings']:
        # Build one table row per finding; optional fields default to ''
        action = ''
        test = ''  # debug value, initialised so print(test) never hits an unset name
        if 'action' in finding:
            action = " ".join(finding['action'])
            test = finding['action']
        principal = ''
        if 'principal' in finding:
            principal = finding['principal']
        isPublic = ''
        if 'isPublic' in finding:
            isPublic = finding['isPublic']
        condition = ''
        if 'condition' in finding:
            condition = finding['condition']
        error = ''
        if 'error' in finding:
            error = finding['error']
        sources = ''
        if 'sources' in finding:
            sources = finding['sources']
        data.append([
            finding['id'],
            principal,
            action,
            finding['resource'],
            isPublic,
            finding['resourceType'],
            condition,
            finding['createdAt'],
            finding['analyzedAt'],
            finding['updatedAt'],
            finding['status'],
            finding['resourceOwnerAccount'],
            error,
            sources
        ])
        number += 1
        print(number)
        print(test)

print(f"Total number {number}")

# Header for CSV file
header = [
    'id',
    'principal',
    'action',
    'resource',
    'isPublic',
    'resourceType',
    'condition',
    'createdAt',
    'analyzedAt',
    'updatedAt',
    'status',
    'resourceOwnerAccount',
    'error',
    'sources'
]

# Save CSV report to findings.csv
with open('findings.csv', 'w', encoding='UTF8', newline='') as f:
    # Separate name so the imported csv.writer function is not shadowed
    csv_writer = writer(f, delimiter=';')
    csv_writer.writerow(header)
    csv_writer.writerows(data)
```
I tried other paginator configurations, but got the same result every time. I would like to know why I see many more findings in the AWS Console than in the CSV file which I generated.
I have also tried to use filters for ACTIVE and RESOLVED. When I use RESOLVED in boto3, I receive 237 findings, but in the console, I see almost 1000. Is it possible that the console shows outdated findings?
Answer 1
Score: 0
Thanks to the assistance of AWS Support, we have identified the cause of the issue related to the AWS Console GUI. It appears that repeatedly clicking on the "next page" button can result in an incorrect number of findings being displayed. However, I want to assure you that AWS is aware of this issue and is actively working on a resolution to fix it.
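One way to cross-check the API count without relying on either the console or the boto3 paginator, as an added example that is not part of the original question or answer: it follows `nextToken` by hand, de-duplicates on finding `id`, and tallies per status. `tally_findings` and `FakeAnalyzer` are hypothetical names, and the fake client with its rows is constructed sample data so the block runs offline.

```python
from collections import Counter


def tally_findings(client, analyzer_arn, page_size=100):
    """Walk list_findings manually; return (unique_count, per_status, duplicates)."""
    seen_ids, seen_tokens = set(), set()
    per_status, duplicates = Counter(), 0
    kwargs = {"analyzerArn": analyzer_arn, "maxResults": page_size}
    while True:
        resp = client.list_findings(**kwargs)
        for finding in resp.get("findings", []):
            if finding["id"] in seen_ids:
                duplicates += 1          # same finding returned on more than one page
                continue
            seen_ids.add(finding["id"])
            per_status[finding["status"]] += 1
        token = resp.get("nextToken")
        if not token:                    # no token means the last page was reached
            break
        if token in seen_tokens:         # guard against a pagination loop
            raise RuntimeError("nextToken repeated; pagination is looping")
        seen_tokens.add(token)
        kwargs["nextToken"] = token
    return len(seen_ids), dict(per_status), duplicates


class FakeAnalyzer:
    """Constructed stand-in for the accessanalyzer client (one id repeated)."""
    _rows = [("f-1", "ACTIVE"), ("f-2", "ACTIVE"), ("f-3", "RESOLVED"),
             ("f-3", "RESOLVED"), ("f-4", "ARCHIVED"), ("f-5", "ACTIVE")]

    def list_findings(self, analyzerArn, maxResults=100, nextToken=None):
        start = int(nextToken or 0)
        chunk = self._rows[start:start + maxResults]
        resp = {"findings": [{"id": i, "status": s} for i, s in chunk]}
        if start + maxResults < len(self._rows):
            resp["nextToken"] = str(start + maxResults)
        return resp


if __name__ == "__main__":
    # With real credentials, pass Session(...).client("accessanalyzer") instead.
    arn = "arn:aws:access-analyzer:REGION:ACCOUNT:analyzer/NAME"  # placeholder
    print(tally_findings(FakeAnalyzer(), arn, page_size=2))
```

If the unique count matches the paginator's total and no duplicates are reported, the API result is internally consistent and the discrepancy lies on the display side.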