PSWinDocumentation.AWS.psm1
function Find-TypesNeeded { [CmdletBinding()] param ($TypesRequired, $TypesNeeded) [bool] $Found = $False foreach ($Type in $TypesNeeded) { if ($TypesRequired -contains $Type) { $Found = $true break } } return $Found } function Get-Types { [CmdletBinding()] param ([Object] $Types) $TypesRequired = foreach ($Type in $Types) { $Type.GetEnumValues() } return $TypesRequired } Add-Type -TypeDefinition @" using System; namespace PSWinDocumentation { [Flags] public enum AWS { AWSEC2Details, AWSElasticIpDetails, AWSIAMDetails, AWSLBDetails, AWSRDSDetails, AWSSubnetDetails } } "@ function Get-AWSEC2Details { [CmdletBinding()] param ([string] $AWSAccessKey, [string] $AWSSecretKey, [string] $AWSRegion) try { $EC2Instances = Get-EC2Instance -AccessKey $AWSAccessKey -SecretKey $AWSSecretKey -Region $AWSRegion } catch { $ErrorMessage = $_.Exception.Message Write-Warning "Get-AWSEC2Details - Error: $ErrorMessage" return } $EC2DetailsList = foreach ($instance in $EC2Instances) { $ec2 = [pscustomobject] @{'Instance ID' = $instance[0].Instances[0].InstanceId "Instance Name" = $instance[0].Instances[0].Tags | Where-Object { $_.key -eq "Name" } | Select-Object -Expand Value "Environment" = $instance[0].Instances[0].Tags | Where-Object { $_.key -eq "Environment" } | Select-Object -Expand Value "Instance Type" = $instance[0].Instances[0].InstanceType "Private IP" = $instance[0].Instances[0].PrivateIpAddress "Public IP" = $instance[0].Instances[0].PublicIpAddress } $ec2 } return $EC2DetailsList } function Get-AWSElasticIpDetails { [CmdletBinding()] param ([string] $AWSAccessKey, [string] $AWSSecretKey, [string] $AWSRegion) try { $EIPs = Get-EC2Address -AccessKey $AWSAccessKey -SecretKey $AWSSecretKey -Region $AWSRegion } catch { $ErrorMessage = $_.Exception.Message Write-Warning "Get-AWSElasticIpDetails - Error: $ErrorMessage" return } $EIPDetailsList = foreach ($eip in $EIPs) { $ElasticIP = [pscustomobject] @{"Name" = $eip.Tags | Where-Object { $_.key -eq "Name" } | Select-Object -Expand Value "IP" = $eip.PublicIp "Assigned to" = $eip.InstanceId "Network Interface" = $eip.NetworkInterfaceId } $ElasticIP } return $EIPDetailsList } function Get-AWSIAMDetails { [CmdletBinding()] param ([string] $AWSAccessKey, [string] $AWSSecretKey, [string] $AWSRegion) try { $IAMUsers = Get-IAMUsers -AccessKey $AWSAccessKey -SecretKey $AWSSecretKey -Region $AWSRegion } catch { $ErrorMessage = $_.Exception.Message Write-Warning "Get-AWSIAMDetails - Error: $ErrorMessage" return } $IAMDetailsList = foreach ($user in $IAMUsers) { $groupsTemp = (Get-IAMGroupForUser -UserName $user.UserName -AccessKey $AWSAccessKey -SecretKey $AWSSecretKey -Region $AWSRegion).GroupName $mfaTemp = (Get-IAMMFADevice -UserName $user.UserName -AccessKey $AWSAccessKey -SecretKey $AWSSecretKey -Region $AWSRegion).EnableDate $accessKeysCreationDateTemp = (Get-IAMAccessKey -UserName $user.UserName -AccessKey $AWSAccessKey -SecretKey $AWSSecretKey -Region $AWSRegion).CreateDate $IAMUser = [pscustomobject] @{"User Name" = $user.UserName "Groups" = if ([string]::IsNullOrEmpty($groupsTemp)) { "No groups assigned" } Else { $groupsTemp -join ", " } "MFA Since" = if ([string]::IsNullOrEmpty($mfaTemp)) { "Missing MFA" } Else { $mfaTemp } "Access Keys Count" = $accessKeysCreationDateTemp.Count "Access Keys Creation Date" = $accessKeysCreationDateTemp -join ", " } $IAMUser } return $IAMDetailsList } function Get-AWSLBDetails { [CmdletBinding()] param ([string] $AWSAccessKey, [string] $AWSSecretKey, [string] $AWSRegion) try { $ELBs = Get-ELBLoadBalancer -AccessKey $AWSAccessKey -SecretKey $AWSSecretKey -Region $AWSRegion $ALBs = Get-ELB2LoadBalancer -AccessKey $AWSAccessKey -SecretKey $AWSSecretKey -Region $AWSRegion } catch { $ErrorMessage = $_.Exception.Message Write-Warning "Get-AWSLBDetails - Error: $ErrorMessage" return } $LBDetailsList = @(foreach ($lb in $ELBs) { $LB = [pscustomobject] @{"Name" = $lb.LoadBalancerName "Type" = "ELB" "Scheme" = $lb.Scheme "DNS Name" = $lb.DNSName "Targets" = $lb.Instances.InstanceId -join ", " } $LB } foreach ($lb in $ALBs) { $LB = [pscustomobject] @{"Name" = $lb.LoadBalancerName "Type" = "ALB" "Scheme" = $lb.Scheme "DNS Name" = $lb.DNSName "Targets" = "Dynamic Routing" } $LB }) return $LBDetailsList } function Get-AWSRDSDetails { [CmdletBinding()] param ([string] $AWSAccessKey, [string] $AWSSecretKey, [string] $AWSRegion) try { $RDSInstances = Get-RDSDBInstance -AccessKey $AWSAccessKey -SecretKey $AWSSecretKey -Region $AWSRegion } catch { $ErrorMessage = $_.Exception.Message Write-Warning "Get-AWSRDSDetails - Error: $ErrorMessage" return } $RDSDetailsList = foreach ($instance in $RDSInstances) { $RDS = [pscustomobject] @{"Name" = $instance.DBInstanceIdentifier "Class" = $instance.DBInstanceClass "MutliAz" = if ($instance.Engine.StartsWith("aurora")) { "not applicable" } Else { $instance.MultiAz } "Engine" = $instance.Engine "Engine Version" = $instance.EngineVersion "Storage" = if ($instance.Engine.StartsWith("aurora")) { "Dynamic" } Else { [string]::Format("{0} GB", $instance.AllocatedStorage) } "Environment" = Get-RDSTagForResource -AccessKey $AWSAccessKey -SecretKey $AWSSecretKey -Region $AWSRegion -ResourceName $instance.DBInstanceArn | Where-Object { $_.key -eq "Environment" } | Select-Object -Expand Value } $RDS } return $RDSDetailsList } function Get-AWSSubnetDetails { [CmdletBinding()] param ([string] $AWSAccessKey, [string] $AWSSecretKey, [string] $AWSRegion) try { $Subnets = Get-EC2Subnet -AccessKey $AWSAccessKey -SecretKey $AWSSecretKey -Region $AWSRegion } catch { $ErrorMessage = $_.Exception.Message Write-Warning "Get-AWSSubnetDetails - Error: $ErrorMessage" return } try { $VPCID = (Get-EC2Vpc -AccessKey $AWSAccessKey -SecretKey $AWSSecretKey -Region $AWSRegion) } catch { $ErrorMessage = $_.Exception.Message Write-Warning "Get-AWSSubnetDetails - Error: $ErrorMessage" return } $NetworkDetailsList = foreach ($subnet in $Subnets) { $SN = [pscustomobject] @{"Subnet ID" = $subnet.SubnetId "Subnet Name" = $subnet.Tags | Where-Object { $_.key -eq "Name" } | Select-Object -Expand Value "CIDR" = $subnet.CidrBlock "Available IP" = $subnet.AvailableIpAddressCount "VPC" = ($VPCID | Where-Object { $_.VpcId -eq $Subnet.VpcId }).Tags | Where-Object { $_.key -eq "Name" } | Select-Object -Expand Value } $SN } return $NetworkDetailsList } function Get-WinAWSInformation { [CmdletBinding()] param([alias('AccessKey')][string] $AWSAccessKey, [alias('SecretKey')][string] $AWSSecretKey, [alias('Region')][string] $AWSRegion, [PSWinDocumentation.AWS[]] $TypesRequired) $Data = [ordered] @{ } if ($null -eq $TypesRequired) { Write-Verbose 'Get-AWSInformation - TypesRequired is null. Getting all AWS types.' $TypesRequired = Get-Types -Types ([PSWinDocumentation.AWS]) } if (Find-TypesNeeded -TypesRequired $TypesRequired -TypesNeeded @([PSWinDocumentation.AWS]::AWSEC2Details)) { Write-Verbose "Getting AWS information - AWSEC2Details" $Data.AWSEC2Details = Get-AWSEC2Details -AWSAccessKey $AWSAccessKey -AWSSecretKey $AWSSecretKey -AWSRegion $AWSRegion -Verbose:$False } if (Find-TypesNeeded -TypesRequired $TypesRequired -TypesNeeded @([PSWinDocumentation.AWS]::AWSRDSDetails)) { Write-Verbose "Getting AWS information - AWSRDSDetails" $Data.AWSRDSDetails = Get-AWSRDSDetails -AWSAccessKey $AWSAccessKey -AWSSecretKey $AWSSecretKey -AWSRegion $AWSRegion -Verbose:$False } if (Find-TypesNeeded -TypesRequired $TypesRequired -TypesNeeded @([PSWinDocumentation.AWS]::AWSLBDetails)) { Write-Verbose "Getting AWS information - AWSLBDetails" $Data.AWSLBDetails = Get-AWSLBDetails -AWSAccessKey $AWSAccessKey -AWSSecretKey $AWSSecretKey -AWSRegion $AWSRegion -Verbose:$False } if (Find-TypesNeeded -TypesRequired $TypesRequired -TypesNeeded @([PSWinDocumentation.AWS]::AWSSubnetDetails)) { Write-Verbose "Getting AWS information - AWSSubnetDetails" $Data.AWSSubnetDetails = Get-AWSSubnetDetails -AWSAccessKey $AWSAccessKey -AWSSecretKey $AWSSecretKey -AWSRegion $AWSRegion -Verbose:$False } if (Find-TypesNeeded -TypesRequired $TypesRequired -TypesNeeded @([PSWinDocumentation.AWS]::AWSElasticIpDetails)) { Write-Verbose "Getting AWS information - AWSElasticIpDetails" $Data.AWSElasticIpDetails = Get-AWSElasticIpDetails -AWSAccessKey $AWSAccessKey -AWSSecretKey $AWSSecretKey -AWSRegion $AWSRegion -Verbose:$False } if (Find-TypesNeeded -TypesRequired $TypesRequired -TypesNeeded @([PSWinDocumentation.AWS]::AWSIAMDetails)) { Write-Verbose "Getting AWS information - AWSIAMDetails" $Data.AWSIAMDetails = Get-AWSIAMDetails -AWSAccessKey $AWSAccessKey -AWSSecretKey $AWSSecretKey -AWSRegion $AWSRegion -Verbose:$False } return $Data } Export-ModuleMember -Function @('Get-WinAWSInformation') -Alias @() |