将aws账户的凭证报告格式更改为字典
Change credential report format of aws account to dictionary
我想要使用 boto3.Did 为我的 aws 帐户提供凭证报告,如下所示:
iam = boto3.client('iam',aws_access_key_id=access_key_id,aws_secret_access_key=secret_key,region_name=region)
creds=iam.get_credential_report()
print(creds)
它以下列格式给出输出:
{'Content': b'user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service,cert_1_active,cert_1_last_rotated,cert_2_active,cert_2_last_rotated\n<root_account>,arn:aws:iam::407203256002:root,2021-03-23T04:31:49+00:00,not_supported,2021-04-14T12:01:30+00:00,not_supported,not_supported,false,true,2021-03-31T05:36:58+00:00,2021-04-14T12:42:00+00:00,us-east-1,iam,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A\nuser-01,arn:aws:iam::407203256002:user/user-01,2021-03-31T12:17:53+00:00,false,N/A,N/A,N/A,false,true,2021-03-31T12:17:55+00:00,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A\nuser-02,arn:aws:iam::407203256002:user/user-02,2021-03-31T12:17:11+00:00,true,no_information,2021-03-31T12:17:14+00:00,2021-06-29T12:17:14+00:00,false,false,N/A,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A\nuser_03,arn:aws:iam::407203256002:user/user_03,2021-04-07T12:00:50+00:00,false,N/A,N/A,N/A,false,true,2021-04-07T12:00:52+00:00,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A', 'ReportFormat': 'text/csv', 'GeneratedTime': datetime.datetime(2021, 4, 14, 12, 48, 22, tzinfo=tzutc()), 'ResponseMetadata': {'RequestId': '5a82a64b-9e15-456f-a5db-95c6ae3918b1', 'HTTPStatusCode': 200, 'HTTPHeaders': {'x-amzn-requestid': '5a82a64b-9e15-456f-a5db-95c6ae3918b1', 'content-type': 'text/xml', 'content-length': '2129', 'vary': 'accept-encoding', 'date': 'Wed, 14 Apr 2021 12:50:39 GMT'}, 'RetryAttempts': 0}}
有没有办法把它改成字典格式?
是的。您可以使用 python csv 模块转换成字典,但您需要先稍微清洗一下凭证报告:
import csv
iam = boto3.client('iam',aws_access_key_id=access_key_id,aws_secret_access_key=secret_key,region_name=region)
creds = iam.get_credential_report()
# First go from bytes to a list of strings
content = creds["Content"].decode("utf-8")
content_lines = content.split("\n")
# Initiate the reader, convert that to a list and turn that into a dict
creds_reader = csv.DictReader(content_lines, delimiter=",")
creds_dict = dict(enumerate(list(creds_reader)))
print(creds_dict)
结果类似于:
{0: {'user': '<root_account>', 'arn': 'arn:aws:iam::12456789088:root'....
{1: {'user': 'admin', 'arn': 'arn:aws:iam::12456789088:root'....
iam.get_credential_report() 的结果实际上已经是(嵌套的)dict,但是感兴趣的部分 'Content' 通常为 CSV 格式(如 bytes,而不是 str)。亲眼看看:
>>> list(creds.keys())
['Content', 'ReportFormat', 'GeneratedTime', 'ResponseMetadata']
可以观察到内容为CSV格式:
>>> creds['ReportFormat']
'text/csv'
最后,您可以使用 pandas 和 io 将其转换为漂亮且可用的 DataFrame:
import io
import pandas as pd
df = pd.read_csv(io.BytesIO(creds['Content']))
或者,如果您已经知道哪些列是日期并且想要进行一些 date/time 分析:
df = pd.read_csv(
io.BytesIO(creds['Content']),
parse_dates=['user_creation_time', 'password_last_used'] # etc.
)
我想要使用 boto3.Did 为我的 aws 帐户提供凭证报告,如下所示:
iam = boto3.client('iam',aws_access_key_id=access_key_id,aws_secret_access_key=secret_key,region_name=region)
creds=iam.get_credential_report()
print(creds)
它以下列格式给出输出:
{'Content': b'user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service,cert_1_active,cert_1_last_rotated,cert_2_active,cert_2_last_rotated\n<root_account>,arn:aws:iam::407203256002:root,2021-03-23T04:31:49+00:00,not_supported,2021-04-14T12:01:30+00:00,not_supported,not_supported,false,true,2021-03-31T05:36:58+00:00,2021-04-14T12:42:00+00:00,us-east-1,iam,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A\nuser-01,arn:aws:iam::407203256002:user/user-01,2021-03-31T12:17:53+00:00,false,N/A,N/A,N/A,false,true,2021-03-31T12:17:55+00:00,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A\nuser-02,arn:aws:iam::407203256002:user/user-02,2021-03-31T12:17:11+00:00,true,no_information,2021-03-31T12:17:14+00:00,2021-06-29T12:17:14+00:00,false,false,N/A,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A\nuser_03,arn:aws:iam::407203256002:user/user_03,2021-04-07T12:00:50+00:00,false,N/A,N/A,N/A,false,true,2021-04-07T12:00:52+00:00,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A', 'ReportFormat': 'text/csv', 'GeneratedTime': datetime.datetime(2021, 4, 14, 12, 48, 22, tzinfo=tzutc()), 'ResponseMetadata': {'RequestId': '5a82a64b-9e15-456f-a5db-95c6ae3918b1', 'HTTPStatusCode': 200, 'HTTPHeaders': {'x-amzn-requestid': '5a82a64b-9e15-456f-a5db-95c6ae3918b1', 'content-type': 'text/xml', 'content-length': '2129', 'vary': 'accept-encoding', 'date': 'Wed, 14 Apr 2021 12:50:39 GMT'}, 'RetryAttempts': 0}}
有没有办法把它改成字典格式?
是的。您可以使用 python csv 模块转换成字典,但您需要先稍微清洗一下凭证报告:
import csv
iam = boto3.client('iam',aws_access_key_id=access_key_id,aws_secret_access_key=secret_key,region_name=region)
creds = iam.get_credential_report()
# First go from bytes to a list of strings
content = creds["Content"].decode("utf-8")
content_lines = content.split("\n")
# Initiate the reader, convert that to a list and turn that into a dict
creds_reader = csv.DictReader(content_lines, delimiter=",")
creds_dict = dict(enumerate(list(creds_reader)))
print(creds_dict)
结果类似于:
{0: {'user': '<root_account>', 'arn': 'arn:aws:iam::12456789088:root'....
{1: {'user': 'admin', 'arn': 'arn:aws:iam::12456789088:root'....
iam.get_credential_report() 的结果实际上已经是(嵌套的)dict,但是感兴趣的部分 'Content' 通常为 CSV 格式(如 bytes,而不是 str)。亲眼看看:
>>> list(creds.keys())
['Content', 'ReportFormat', 'GeneratedTime', 'ResponseMetadata']
可以观察到内容为CSV格式:
>>> creds['ReportFormat']
'text/csv'
最后,您可以使用 pandas 和 io 将其转换为漂亮且可用的 DataFrame:
import io
import pandas as pd
df = pd.read_csv(io.BytesIO(creds['Content']))
或者,如果您已经知道哪些列是日期并且想要进行一些 date/time 分析:
df = pd.read_csv(
io.BytesIO(creds['Content']),
parse_dates=['user_creation_time', 'password_last_used'] # etc.
)