From a9a4f25581fe65cea46379ed18322586707e2748 Mon Sep 17 00:00:00 2001
From: ozmodiar192
Date: Fri, 14 May 2021 09:12:53 -0500
Subject: [PATCH] Script to audit instances and sgs This script gets all your instances, their tags, and the attached security groups and rules. Useful for auditing and compliance reporting
---
getInstancesAndSGs.py | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 getInstancesAndSGs.py
diff --git a/getInstancesAndSGs.py b/getInstancesAndSGs.py
new file mode 100644
index 0000000..297964c
--- /dev/null
+++ b/getInstancesAndSGs.py
@@ -0,0 +1,34 @@
+#!/usr/bin/python
+import boto3
+import json
+
+client = boto3.client('ec2')
+instancedata = {"Instances": []}
+
+try:
+ response = client.describe_instances()
+ for reservation in response['Reservations']:
+ for instance in reservation['Instances']:
+ instancetags = {"InstanceTags": {}}
+ securitygroups = {"SecurityGroup": {}}
+ instanceid = instance['InstanceId']
+ instancetags["InstanceTags"] = instance['Tags']
+ combined = {instanceid: {}}
+ combined[instanceid] = instancetags
+ for securityGroup in instance['SecurityGroups']:
+ response = client.describe_security_groups(
+ GroupIds=[
+ securityGroup["GroupId"]
+ ],
+ )
+ sgname = response['SecurityGroups'][0]['GroupName']
+ currentsg = {sgname: {}}
+ currentsg[sgname]["SGDesc"] = response['SecurityGroups'][0]['Description']
+ currentsg[sgname ]["IPPermissions"] = response['SecurityGroups'][0]['IpPermissions']
+ securitygroups["SecurityGroup"].update(currentsg)
+ combined[instanceid].update(securitygroups)
+ instancedata["Instances"].append(combined)
+ print(json.dumps(instancedata, indent=2))
+
+except Exception as E:
+ print(E)
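Review bot: The single `client.describe_instances()` call never follows `NextToken`, so if the API returns the result in pages the report silently omits the remaining instances, which undermines an audit script. In the same loop `instance['Tags']` raises KeyError for an instance that has no tags, and the catch-all `except Exception` then prints the message to stdout and exits with status 0 without emitting any report. I would iterate a paginator, read tags with `instance.get('Tags', [])`, and turn a failure into a non-zero exit on stderr, as sketched below. The report also records only `IpPermissions`; if outbound rules are in scope for the audit, `IpPermissionsEgress` from the same response should be included. Indentation is flattened in this view, so the nesting in the sketch is inferred.

```python
paginator = client.get_paginator('describe_instances')
try:
    for page in paginator.paginate():
        for reservation in page['Reservations']:
            for instance in reservation['Instances']:
                # an untagged instance has no 'Tags' key in the response
                instancetags = {"InstanceTags": instance.get('Tags', [])}
                # … unchanged: security-group lookup and report assembly …
    print(json.dumps(instancedata, indent=2))
except Exception as E:
    # an incomplete audit must not look like a successful run
    raise SystemExit(f"audit failed: {E}")
```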