2 Answers
- Newest
- Most votes
- Most comments
0
I would say to start simple and create a script that accept region and account id as argument. A nice example is this one: https://anandmandilwar.com/2023/06/14/python-boto3-script-to-list-all-the-aws-resources-in-default-vpc-across-all-the-listed-aws-regions/
0
Adding to the other answer (which is correct - a script is one way to do this):
- While you can use an IAM user per region...
- ...IAM users are global within each account so you don't have to do that and it's far more convenient to use a single IAM user (or role) that has the permission required (read only in this case, it appears).
- There is no cost difference.
Also: Have you considered using AWS Config for this? There's nothing wrong with having a script to gather this information; but in large, multi-account environment Config can automatically collect the information you need and you can query Config directly.
Relevant content
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 19 days ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 months ago
Where are you planning on running your script, and what is your outcome here, why do you want to do this?