0

I have 3 aws accounts and I need to list ec2 instances in all of those accounts using a python script. Here, I need to pass the aws access key id and aws secret access key in the .env file.

How do I set it up?

bad_coder
  • 11,289
  • 20
  • 44
  • 72
Samana Pokhrel
  • 1
  • 1
  • You are missing a little of context. How is presented your .env file? Are the access_key_id and secret_access_key the same for the 3 accounts and then you need to switch roles, or directly to the target account? – Floh Apr 12 '22 at 16:13
  • Do you mean `~/.aws/credentials` and `~/.aws/config`, which are the standard files for AWS credentials, rather than `.env`? – jarmod Apr 12 '22 at 16:14
  • No, the access key id and secret access key are different for all 3 accounts. – Samana Pokhrel Apr 12 '22 at 16:15
  • @jarmod no i meant the .env file. – Samana Pokhrel Apr 12 '22 at 16:16
  • 1
    What is the .env file? The AWS Python SDK doesn't use .env files afaik. Which AWS SDK do you use this .env file with? BTW if using the regular AWS config files (see above), you [supply a profile name](https://stackoverflow.com/questions/33378422/how-to-choose-an-aws-profile-when-using-boto3-to-connect-to-cloudfront) when creating a session. – jarmod Apr 12 '22 at 16:20
  • I used the boto3 SDK. For a single account the env file i created was: aws_account="abc" aws_access_key_id="xyz" aws_secret_access_key="jkl" aws_session_token="mno" – Samana Pokhrel Apr 12 '22 at 16:24
  • How do you present this .env file and your preferred profile, assuming it can contain multiple profiles, to the boto3 SDK? – jarmod Apr 12 '22 at 16:26
  • import boto3 from dotenv import load_dotenv import os load_dotenv() aws_account=os.getenv("aws_account") aws_access_key_id=os.getenv("aws_access_key_id") aws_secret_access_key=os.getenv("aws_secret_access_key") aws_session_token=os.getenv("aws_session_token") – Samana Pokhrel Apr 12 '22 at 16:29
  • I recommend you use the [standard config files](https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html) with AWS SDKs. They also support multiple profiles. The dotenv files appear to be simple key/value pairs akin to bash environment settings. – jarmod Apr 12 '22 at 16:38

1 Answers1

1

You would have to pass the list of your profile names in your code

import boto3
available_profiles = [
    'your-profile-name'
]
available_regions = [
    'us-east-1',
    'eu-west-1'
]
# for each account, each region, create a session and then ec2 client. 
# You could also go with creation of a session in account and then only client in each region
for profile in available_profiles:
    for region in available_regions:
        aws_session = boto3.session.Session(profile_name=profile, region_name=region)
        ec2_client = aws_session.client(service_name='ec2', region_name=region)
        paginator = ec2_client.get_paginator('describe_instances')
        ec2_instances = paginator.paginate()
        all_instances = list()

        for response in ec2_instances:
            for reservation in response.get('Reservations', list()):
                for instance in reservation.get('Instances', list()):
                    instance['account_id'] = reservation['OwnerId']
                    all_instances.append(instance)
Caldazar
  • 2,801
  • 13
  • 21